Plaintext
PYTHON ASSEMBLER FORTRAN ROUNDCUBE + MORE
Inside the…
UBUNTU
PHONE
The world’s favourite Linux distro is
coming to millions of pockets
SHARE DEALING
Get rich quick slowly
Write code to buy and
sell shares, then weep
as capitalism implodes
COMMUNITY
Start a FOSS project
You too can build a Free
Software legacy – just
make sure you do it right
38+ PAGES OF TUTORIALS
GROUP TEST Find the best distro for your NAS box
VECTOR GRAPHICS Adorn your website with SVG images
May 2015 £5.99 Printed in the UK
X86 Get your microscope and see how your computer really works
RASPBERRY PI CRYPTOCURRENCIES
EBEN UPTON ALTCOINS
“You could just sit on your How cryptography, privacy
arse and in two years time, and hard maths are shaking
everything will be twice as fast.” up the world of finance
�� WELCOME
Linux for human beings
The May issue
Linux Voice is different.
Linux Voice is special.
Here’s why… GRAHAM MORRISON
A free software advocate
At the end of each financial and writer since the late
1
year we’ll give 50% of our 1990s, Graham is a lapsed
profits to a selection of KDE contributor and author
organisations that support free of the Meeq MIDI step
software, decided by a vote among sequencer.
our readers (that’s you).
W SUBSCRIBE
hen you first turn on an Ubuntu Phone, you don’t expect
No later than nine months to see that familiar colour scheme, or the launch panel,
2
after first publication, we will
relicense all of our content under
or Unity. But all the old familiar elements that make up
the Ubuntu desktop have made the transition. They’re all there,
ON PAGE 64
the Creative Commons CC-BY-SA running in the palm of your hand. It’s not the desktop, of course. It’s
licence, so that old content can a completely different way of interacting with technology, but this
still be useful, and can live on even is still a considerable achievement for a relatively small company.
after the magazine has come off Canonical has been able to take an idea – immortalised by the
the shelves. Ubuntu Edge crowdfunding campaign – and turn it into reality.
What Canonical is doing is important. It’s providing an alternative
We’re a small company, so and giving us more choice. And while there are several open mobile
3
we don’t have a board of alternatives, including Firefox OS, Tizen and even Android, none
directors or a bunch of would be possible without Linux. Open source is the great enabler.
shareholders in the City of London It enables companies like Canonical and Mozilla to go their own
to keep happy. The only people way. It builds an ecosystem where choice and competition flourish,
that matter to us are the readers. hopefully pushing us ever closer to technology that works for us,
and not against us.
THE LINUX VOICE TEAM Graham Morrison
Editor Graham Morrison Editor, Linux Voice
graham@linuxvoice.com
Deputy editor Andrew Gregory
What’s hot in LV#014
andrew@linuxvoice.com
Technical editor Ben Everard
ben@linuxvoice.com
Editor at large Mike Saunders
mike@linuxvoice.com
Games editor Michel Loubet-Jambert
michel@linuxvoice.com
Creative director Stacey Black
stacey@linuxvoice.com
Malign puppetmaster Nick Veitch
nick@linuxvoice.com
Editorial contributors:
Mark Crutch, Andrew Conway, Tim
Elliot, Marco Fioretti, Josette Garcia, MAYANK SHARMA BEN EVERARD MIKE SAUNDERS
Juliet Kemp, John Lane, Vincent “I’ve been thinking of buying into “Hearing Eben Upton explain how “Fortran passed me by the 1st
Mealing, Simon Phipps, Les Pounder, some cryptocurrency, so Ben’s Eric Schmidt caused him to time around (and the 2nd and
Mayank Sharma, Valentine Sinitsyn overview of what it is and why it’s return to Raspberry Pi HQ and 3rd), but it sounds ace so I’m
important is vital reading.” p28 cancel all model 2 R&D.” p44 going to try it now.” p100
www.linuxvoice.com 3
� CONTENTS
May LV014
Filled to bursting point with tutorials, tips and hacks, it’s your new Linux Voice!
20 REGULARS
SUBSCRIBE News
06
ON PAGE 64 GnuPG gets a much-needed
cash boost, and Linux kernel
developers get hired.
08 Distrohopper
Find your next favourite Linux
distro, which this month will
UBUNTU
be Tails, ArchBang or KaOS.
10 Gaming
Zombies, cards and a game
PHONES
on a Grecian urn vie for our
in-demand attention.
12 Speak your brains
Share your thoughts – there are
In 2015 Linux is going to find no prizes for doing so, but we
might thoughtfully nod.
itself in millions of pockets 16 LV on tour
Our agents report from Jersey,
around the world – find out how. Ipswich and the London
PostgreSQL meetup.
42 FAQ: HTTP/2
Like our Victorian sewers,
44 the internet’s plumbing
desparately needs an upgrade.
Eben Upton 58 Group test
Find the best operating
We learn what it’s system for your network
attached storage.
like to drag the UK’s Subscribe!
education curriculum 64
Save money on your monthly
fix of Linux Voice by getting it
kicking and delivered to your door/inbox.
screaming 66 Sysadmin
into 2015. Meet every system
administrator’s best friend –
the Webmin interface.
68 FOSSpicks
Try the best Free Software in
existence – it’s all there on
the other end of a download.
110 Masterclass
Keep a close eye on
your network traffic with
Wireshark and Tshark.
114 My Linux desktop
Enter the geek den of
28
ALTCOINS 36
OPEN HARDWARE 32
START A FREE Selene Scriven, professional
Bitcoins, Litecoins, You have no way of SOFTWARE PROJECT Ubuntu breaker.
Darkcoins and knowing that your So you have a great 18 FOSDEM
more, explained and closed hardware isn’t idea for a FOSS Mike and Ben visit Brussels
to celebrate the biggest Free
demystified for the spying on you – that’s project – here’s what Software gathering in Europe.
curious. why we need LowRISC. to do next.
4 www.linuxvoice.com
�TUTORIALS REVIEWS
78 80
TUTORIALS REVIEWS
78 80
May LV014
Xfce 4.12
Redshift: Ease eye strain HTML, CSS and
50
The latest desktop from the
and sleep easier JavaScript on the Pi Xfce team has the apps, the
looks and the usability
Reset your body clock with free Learn web essentials
Redshift: the easyHTML, CSS and
Ease eye strain
50 Xfce 4.12
The latest desktop fro
software and the Kelvin scale. way with Google Coder.
and sleep easier JavaScript on the Pi Xfce team has the ap
looks and the usabilit
Reset your body clock with free Learn web essentials the easy
84 software
88 and the Kelvin scale. way with Google Coder.
84 88
VLC
52 VLC 52
The Swiss Army knife of The Swiss Army knife
multimedia playback
Vector graphics on the Vector
How graphics
your on the
computer How your computer
multimedia playback adds another layer of polis
web, for the web another
works: inside layer chip
an X86 of polish.
web, for the web works: inside an X86 chip
Prettify your web pages with Get down to the nuts and bolts of
53 Krita 2.9
Krita 2.9 53 Move over Gimp – yo
Prettify your web pages with low-bandwidth
Get down to theSVGnuts
images.
and boltswhat
of your machine is doing. lost your claim to be
Move over Gimp – you’veimage
just editor on Linux
low-bandwidth SVG images. what your machine is doing. lost your claim to be the best
92 96 image editor on Linux. Inkscape 0.91 54
The numero uno vecto
92 96 software gets its first
54 Inkscape 0.91 in four years. Four ye
The numero uno vector graphics
software gets its first bigIPython
55 update3.0
in four years. Four years!An interactive shell fo
analysing data sets, b
the Python language
Stockmarket analysis Roundcube and Cyrus:
55 IPython 3.0
Books Bletchley revis
with open code Set up webmail
An interactive shell for 54
gaming and the lates
analysing data sets, based on guru Bruce S
security
A few lines of Java are all it takes Keep Google’s prying eyes out of
to beat the FTSE 100 index… the Python language.
your email communication.
Stockmarket analysis Roundcube and Cyrus:
Books Bletchley
Code revisited, cult
with open code Setfor
up webmail Code
Fortran: Coding Code ninja: Assembler:
100 104 54
106
scientists reuse gaming
on and the latest from
bare metal
A few lines of Java are all it takes Code
Keep from IBM’s
Google’s prying Recycle codeofto save
eyes out security
Who needsguru
an Bruce Schneier.
1950s glory days. time and effort. operating system?
to beat the FTSE 100 index… your email communication.
100
Fortran: Coding 104
Code ninja: 106
Assembler: Code www.linuxvoice.com
for scientists Code reuse on bare metal
Code from IBM’s Recycle code to save Who needs an
1950s glory days. time and effort. operating system?
LV014 004 Contents.indd 5
www.linuxvoice.com 5
� ANALYSIS
NEWSANALYSIS
The Linux Voice view on what’s going on in the world of Free Software.
Opinion
Certifications and jobs: do they go together?
If you’re the one selling the certificates, of course they do. If you’re looking for a job, maybe not…
Simon Phipps just like proprietary vendors before them. that’s not available, a track record from an
is president of the Those with certification products to sell open source community – preferably as a
Open Source Initiative
naturally want us to think that’s the way committer – is next best.
and a board member
of the Open Rights the world works. But I’m hugely sceptical of Sadly, respect for certifications has spread
Group and of Open such things. more widely; it’s used by some governments
Source for America. as a bulwark against system failures. There
Tests don’t have to be testing are already 10 states in the United States,
Tests like the ones from LPI (and sadly a as well as all of Canada, that regulate the
large number of commercial vendors too) use of the term “software engineer” and
tend to be multiple choice tests that favour seek a professional certification from those
I
t’s spring and change is in the air – not memorisation rather than experience. One working on high-profile systems.
least with yours truly, who has started a experienced professional I asked scoffed at That’s unlikely to help make systems safer
new job at global consulting firm Wipro. the very thought of multiple choice tests as though. In most cases, projects fail because
The market for open source related jobs an indicator of Linux competence, telling me managers pick proprietary technologies
seems strong at the moment. that these tests, including pretty much all of from suppliers based on a range of criteria
In a report published by the Linux IBM’s, don’t reward real-world skills. They that have little bearing on the suitability
Foundation and built with help from jobs reward memorisation, not the ability to work of the software from the perspective
website www.Dice.com, demand for Linux with the technology, not problem solving, not of a software engineer. Rather, choices
professionals and those with cloud, security even the ability to find answers; just the are influenced by corporate marketing,
and networking expertise showed up as ability to have memorised certain facts. by existing contractual relationships, by
stronger than ever. They surveyed around Certifications that test actual skills – technology lock-in, and sometimes even
1,000 hiring managers and 3,000 Linux like the ones from Red Hat and The Linux by relationships with senior executives.
professionals and found that almost all the Foundation – were rated more highly. Enterprise middleware often gets picked on
hiring managers have multiple vacancies for One person told me “I contrast [those the golf course.
Linux and open source skills. certifications] starkly with an exam like Red
That’s really no surprise if you’ve been Hat’s, which is a practical, hands-on, test.” Experience always wins
watching the state of technology adoption. If professionals have such a low opinion Certifications for developers don’t guarantee
Open source is now the assumed default at of certifications, why are they so common? project success. That’s guaranteed more by
every level of every new business solution. One professional told me: process transparency, open source
So when the Linux Jobs Report highlights “They should be seen as naught but a software, and system audits. If skilled
open source cloud computing skills as a crutch for HR people, and are an extremely engineers select technologies purely on
priority across those surveyed – that’s open poor filter.” merit and go on to defend their choices
source cloud – 42% of hiring managers Certifications are a tool used by recruiters under audit, they’re likely to prefer open
are seeking OpenStack and CloudStack to thin the pack of applications for a vacancy solutions, which they are free to scrutinise
experience in their candidates. and hopefully identify the one worthy of independent of vendor oversight.
So how do you get those jobs? The Linux further scrutiny. The actual hiring manager For me, getting hired by Wipro was not
Foundation wants us to believe that the is much less likely to be interested; she a function of any certifications – indeed,
training and certification they sell is the key, will want proof of hands-on experience. If the last qualification I sought was in 1982.
The company approached me based on
my reputation and proven work history,
“42% of hiring managers are seeking OpenStack as well as my community engagements.
and CloudStack experience in their candidates.” In a “seller’s market”, that’s surely how the
majority of jobs will be filled?
6 www.linuxvoice.com
� ANALYSIS
Elementary OS • CrunchBang • Thunderbird • GnuPG • Wayland • Xfce
CATCHUP Summarised: the biggest news
stories from the last month
Next Linux kernel version CrunchBang Linux dies, Xfce 4.12 released, after
1 to be 4.0, not 3.20 2 comes back to life 3 three years development
Linus Torvalds has never been CrunchBang, the minimalist It’s been a long time coming,
a fan of big kernel version numbers. So Debian-based distro with Openbox as but lightweight GTK-based desktop
he has decided that the next release will its window manager, is no more. Lead Xfce has a
be 4.0, rather than 3.20 as expected, developer Philip Newborough explained new release
and there will be plenty of goodies for that CrunchBang was fun, but the distro with features
us to explore as well. Most significantly, landscape has changed so much in and fixes
live kernel patching support will be recent years and it “no longer holds any aplenty. See
included, making it possible to update value”. This was sad news for many our reviews
your kernel without having to reboot – fans, but it didn’t take long before the section on
a huge win for servers where uptime community created a successor. It’s page 49
is critical. Kernel 4.0 will also support early days, but a release candidate for the full
more ARM system-on-chip devices, and should be available soon: lowdown.
IBM z13 mainframes. www.crunchbangplusplus.org www.xfce.org
Huge fundraising drive Kernel developer sues Linus Torvalds: “Kernel
4 gives GnuPG a future 5 VMware over GPL 6 coders get hired quickly”
GnuPG is one of the most Christoph Hellwig, one of the Fancy making megabucks
widely used tools for email encryption, 20 most active Linux Kernel developers, as a software developer? Hacking on
but in early February its only main is suing VMware, makers of a the kernel is possibly the best way to
developer, Werner Koch, lamented that virtualisation product. Hellwig alleges land a lucrative job – at least, according
he couldn’t afford to keep working on that the firm is illegally using GPL code to lead developer Linus Torvalds. He
the project. Times looked bad, but a he’s written in part of their proprietary was responding to new statistics
massive fundraising effort by the software. The Software Freedom showing that just 12% of kernel code
community has given GnuPG a very Conservancy (SFC) is funding the case in the last year was written by non-paid
healthy future: over $150,000 was in Hamburg, Germany. The SFC has volunteers, down from 19% the year
donated from individuals and been in discussions with VMware since before. Torvalds’ reasoning: it’s not
companies, while Facebook and Stripe 2007 over compliance, but this is the that there are fewer volunteers, but
have pledged another $50,000 on top. first time it’s reached court. those who prove themselves with good
www.gnupg.org http://tinyurl.com/qf3fc4b patches end up getting jobs quickly.
Elementary OS seeks Thunderbird doing well,
7 cash, generates hate 8 will get a calendar
Ubuntu spin-off Elementary While the Mozilla Foundation
has a “suggested donation” part of puts most of its efforts into the Firefox
its download page. Recently this was web browser and Firefox OS mobile
$0, but the developers bumped it up platform, good old Thunderbird, the mail
to $10 with this reasoning: “We want client, hasn’t been forgotten. Despite
users to understand that they’re pretty a relatively slow development pace,
much cheating the system when they the download rate for Thunderbird is
choose not to pay for software”. Uh oh. increasing each month, and version
This caused uproar in the Elementary 38 will be released very soon with a
community, and the wording has since calendar. This will be provided by the
been changed, but not before everyone Lightning add-on, and bring Thunderbird
pointed out that Elementary should up to par with Microsoft Outlook.
give money to Ubuntu (and Debian). http://tinyurl.com/puzoom7
www.linuxvoice.com 7
� DISTROHOPPER
DISTROHOPPER
Our pick of the latest releases will whet your appetite for new Linux distributions.
Tails 1.3
Secret and safe.
G
overnments and law enforcement
agencies may be hell-bent on
monitoring every single thing we do
and say, but geeks are fighting back. Tails
(https://tails.boum.org) is a live Linux
distribution that routes all internet traffic
through the Tor anonymising network, and it
doesn’t leave any traces on your hard drive.
Why is this important? Well, imagine you’re a
journalist working in a repressive regime.
With Tails, you can boot the distro from a
DVD or USB key, do your work online, reboot
and destroy the Tails media. If your machine
is confiscated, there’s no way to tell that you
were using Tor – at least, that’s the goal.
The Tails developers are keen to point out,
however, that it’s not a 100% perfect solution Tails 1.3 includes a new Bitcoin wallet and the obfs4 pluggable transport to disguise Tor traffic.
for anonymity. Network traffic is encrypted
as it moves around between Tor nodes, but Tor to stay anonymous if you then sign into and not through Tor, it gets blocked. Plus
it’s plain to see when it leaves an exit node, Facebook or other data-harvesting services. there are some extra tweaks for privacy –
and you can’t guarantee that all exit nodes Tails 1.3 boots to a Gnome desktop with like the use of StartPage as the default
are operated by do-gooders. Also, you have Firefox, Claws Mail and the Pidgin instant search engine in Firefox, which uses Google
to be very careful when signing into services messenger, all using the Tor network. If any to get search engine results, but doesn’t
on the web. There’s no point using Tails and program tries to access the internet directly, share your IP address.
KaOS 2015.02
Gorgeous rolling distro showcasing the latest KDE.
K
aOS (http://kaosx.us) is described Well, for now at least. The KaOS
on its website as a “lean KDE developers are considering a switch away
distribution” – but isn’t that from the Linux kernel in the future, possibly
something of an oxymoron? KDE is the to Illumos (a derivative of OpenSolaris).
most featureful and customisable desktop We’re always open to other FOSS operating
environment in existence, but few would systems at Linux Voice, but we’re not sure KaOS is a rolling-release distro, so you install it
describe it as “lean”. In KaOS, though, that what Illumos would bring – sure, it has once and receive gradual updates.
word is used to describe the whole some high-end features useful if you’re
experience and not just the desktop. KaOS running giant databases on big iron, but it animations and drop shadows abound,
focuses entirely on one desktop (KDE), one doesn’t have anywhere near the same level while the fonts and icons complete the
toolkit (Qt), one architecture (x86-64) and of x86 hardware support. package excellently. You won’t find many
one release model. Unlike many distros, it KaOS 2015.02 uses the KDE Plasma 5 non-KDE or Qt programs here – Konqueror is
doesn’t try to be a jack of all trades; it has a desktop, and is one of the best-looking KDE the only web browser installed by default,
razor-sharp focus, and won’t budge from it. configurations we’ve ever seen. Subtle and Calligra provides the office suite.
8 www.linuxvoice.com
� DISTROHOPPER
ArchBang
Arch Linux goodness, without the installation hassles.
B
ack in issue 7’s cover feature, we
declared Arch Linux as the best
all-round distribution. It’s always up
to date, it has a giant range of software via
the Arch User Repositories, and its
documentation is second to none. It’s not
ideal for newbies or for long-term Debian-
esque stability, but for those who don’t mind
dabbling at the command line now and then,
performing the occasional fix, it’s bliss.
The installation process teaches you a lot
about the underpinnings of a Linux system,
but it can become a chore when you’ve done
it several times. So ArchBang (www.
archbang.org) has become one of our
favourite distros in the last 12 months – it
gets you up and running with an Arch
installation quickly, so you can avoid the
tedious parts of the installation process.
ArchBang is inspired by CrunchBang ArchBang’s default theme is dark and moody, but it’s easy to brighten it up.
Linux, sporting a minimalist desktop with
Openbox as the window manager and a few keypresses. Its main feature is its Otherwise, the distro is pretty bare: it
small selection of tools. Unlike some installer, which simplifies the process of includes Firefox and a few other tools, but
Arch-based distros, ArchBang doesn’t have getting Arch onto your hard drive; it’s a the idea is that you get it installed and then
its own special repositories – it’s simply a menu-driven tool and easy to navigate for add what you need via Pacman and the
means to get a working Arch setup in just a intermediate and experienced Linux users. regular Arch repositories.
MuLinux – desktop Linux on two floppy disks!
Here’s a question: how much space do you need for a graphical Linux
installation with a file manager, terminal emulator and various other
utilities? If a typical Ubuntu installation weighs in at around 2.5GB,
you might think that you could squeeze the bare necessities into
200MB or so. Well, go even further: it’s actually possible to get some
GUI goodness in under 3MB. MuLinux (http://micheleandreoli.org/
public/Software/mulinux) is a long-defunct project that caught some
attention in the early 2000s by managing to pack an extraordinary
amount of Linux onto a few floppy disks.
The first disk provided the base system, and then you could beef it
up with extra disks containing the X Window System, GCC, Perl, Wine
and even a Java virtual machine (Kaffe). Most of these programs
were highly stripped-down in order to fit into the limited space, but it
was nonetheless an impressive achievement, and showed what’s
possible when you take every kilobyte into consideration. And today,
it makes you wonder what on earth happened to modern operating
systems to bloat them up so much – why does Windows 10 need
16GB of hard drive space?
Although MuLinux ceased development over a decade ago, there
have been similar projects in recent years. Tiny Core Linux (http://
distro.ibiblio.org/tinycorelinux) crams a GUI Linux distro into just
12MB, and while it’s not all that useful on its own, you can use it as a
base for bigger projects such as a web kiosk or similar installation.
It may look pants today, but MuLinux was an
astonishing feat at the time.
www.linuxvoice.com 9
� GAMING ON LINUX
GAMING ON LINUX
The tastiest brain candy to relax those tired neurons
WAITING FOR THE SUN
Dying Light
Not just your standard zombie survival game.
Z
ombie games are seemingly a dime a
dozen nowadays, however Dying Light
stands out from the horde of rotting flesh,
bringing a lot of new stuff to the table.
The game’s unique selling points are its
parkour and day/night mechanics. The parkour
elements allow for more use of space while
Michel Loubet-Jambert is our Games
Editor. He hasn’t had a decent night’s giving more options than simply taking on the
sleep since Steam came out on Linux. horde directly, while nightime gameplay gives
the game more of a survival-horror feel than With these next-gen graphics, some of us may have
T
he Linux gaming world an open-world sandbox, as zombie behaviour to think about upgrading graphics cards. POW!
currently has all eyes on the becomes more aggressive by night, summed
Game Developer Conference
up best by the game’s “hunter by day, hunted weapons looking like they were ripped out of
this March, as what happens there is
likely to set the precedent for the by night” tagline. Combined with features like Dead Island and shoved into Dying Light.
future, with 2015 looking to be the crafting and a narrative that goes beyond the That said, Dying Light is still somewhat of a
most eventful year for Linux gaming standard fetch quests interspersed with the cautious recommend for the time being. There
to date. occasional cutscene, the game reinvigorates an are plenty of bugs, and unless you have the
Valve will have centre stage at the
otherwise stale genre. latest and greatest graphics card, you shouldn’t
Conference to showcase its
PC-console hybrid Steam Machines, Speaking of which, it’s almost impossible expect good frame rates. The game is tonnes of
with which they intend to take a not to make comparisons to Dead Island, which fun, but those wanting a smoother experience
chunk of the market. It’s unlikely to shares the same developers. Those familiar with should hold back until more patches come out.
be an official launch, but we can Dead Island (ported to Linux last year) will quickly
expect something of great Website http://store.steampowered.com/
find many similarities between the games, with
importance, be it revealing more app/239140 Price £39.99
technical details or coaxing certain mechanics and even the designs of the
developers into putting games out on
Linux, specifically the company’s
Debian-based SteamOS.
Secondly, OpenGL’s successor
GLNext will be officially revealed
there. Not much is yet known about
GLNext other than it being a big
initiative with a lot of industry names
behind it, so the announcement is
keeping many on the edge of their
seats. This transition is long overdue
and needed to get more developers
porting to Linux or even ditching
DirectX (also seeing its next big
release this year) in favour of GLNext.
Many developers have ported their
games to Linux with the prospect of A couple of patches have already
Steam Machines being a success, rolled out and performance is
and may not continue if they’re a flop, due to get better. OOF!
while the unmanageability of OpenGL
has been their major complaint and
stumbling block. There is a lot riding
on both, and it’s no coincidence that
both announcements are happening
“Nighttime gameplay gives Dying Light more of a
under the same roof. survival-horror feel than an open world sandbox.”
10 www.linuxvoice.com
� GAMING ON LINUX
The Book Of Unwritten Tales 2 ALSO RELEASED…
Adventure games are far from dead.
I
f you’re a fan of the adventure genre, exceptionally well is pulling off nostalgia
you shouldn’t think twice about and game references. This game certainly
getting this one. The Book of Unwritten meets the standards set by the likes of
Tales 2 hits the mark on every level, from the Monkey Island franchise and exceeds
the lovable characters, well thought-out them in many ways, being easily one of
puzzles and beautiful settings to its the best written, funniest and best looking
writing and humour. adventure games to date.
Unlike the previous game, this features As it should be clear from the title, the Grim Fandango Remastered
an array of entertaining side-quests and game is a sequel and although it stands Often considered one of the greatest adventure
optional extras which add a replay value up extremely well on its own, playing the games of all time, Grim Fandango has had a
often lacking in a normally linear genre. previous instalment does enhance the much needed lick of paint from Tim Schafer’s
It’s details like these that make this game experience greatly. Double Fine Productions which also made this
masterpiece officially available on Linux for
feel more like a labour of love rather the first time. Some of the new features
than a product put out by a successful Website http://store.steampowered.com/ include a more classic point-and-click
app/279940 Price £29.99
studio. Something else the game does interface, improved lighting and tweaked
musical score, breathing new life into the
game’s characters and rich film noir world.
King Art seems intent http://store.steampowered.com/app/316790
on perfecting the
adventure genre.
Fahrenheit: Indigo Prophecy
Remastered
Another remaster, this time brought to us by
Aspyr Media, which ported Civilisation V and
Hand of Fate Borderlands 2 to Linux. Originally released in
2005, Fahrenheit sees you uncover the
mysterious goings on surrounding a series of
Deckbuilding has never been so enthralling. murders taking place in New York City, using
M
innovative gameplay still ahead of its time.
ixing together different genres http://store.steampowered.com/app/312840
tends to be a recipe for disaster,
however, Hand of Fate has
done so masterfully. The main setbacks
of a card game are repetitiveness and
randomness, which this game has
mitigated by introducing RPG elements
and combat to make victory more
dependent on player skill. All this comes Have you got what it takes to play the game?
together to create a unique experience.
Casual is a term with negative punishing. It should be clear by now that
connotations in gaming today. While this is far more than a deckbuilding game, Apotheon
Aside from being stunningly beautiful, this
Hand of Fate is a game that allows and an underlying story develops as the game is also an incredibly solid Metroidvania-
sporadic playing for those too busy to player progresses through the game. Just style platformer with a good dose of story.
sink continuous hours into a game, it who is this mysterious dealer? Is he friend Apotheon’s biggest strength is using its
can also be very captivating, so perhaps or foe? Who is the protagonist and why combination of ancient Greek style and
smart-casual would be a better suited is he playing this game? These elements ominous music to make the player feel like
they’re a hero in a Greek epic. You can tell the
category. Casual also doesn’t necessarily add to the already addictive gameplay. devs have put a lot of work in researching the
mean easy, with poor deck choice and period, its mythology and literature.
sloppy combat prematurely ending games Website http://store.steampowered.com/ http://store.steampowered.com/app/208750
app/266510 Price £18.99
and the Rogue-like elements often being
www.linuxvoice.com 11
� MAIL
YOUR LETTERS
Got something to say? An idea for a new magazine feature?
Or a great discovery? Email us: letters@linuxvoice.com
LINUX VOICE STAR LETTER
MIKE WINS
Just a quick note to say hello. as long as you have this kind of
I’ve just subscribed after buying content in every issue.
issue 12 and am enjoying 1–4 Scott
as back issues too.
It’s the assembly language Mike says: Sir, I am humbled. We’re
tutorial that did it. Low-level glad you like the magazine, and hope
knowledge will be relevant as to provide you with much more good
long as we need hardware to run stuff in the months and years to
things on; even the cloud runs come.
on hardware (eventually). This
took me back to learning Z80
A long, long time ago, we published
as a spotty kid on my old
an image of a dartboard with Mike’s
Amstrad CPC. face on it. It was wrong of us to do
And now I’m doing the kernel so, because he writes such lovely
module tutorial from issue assembler tutorials. Here he is up
2. Brilliant stuff, I’ll subscribe against a wall instead.
SCRIBUS
Now, come on chaps, where is that
tutorial on Scribus you’ve been
promising since the December
issue? Here I am, one of your
new fans, and what do I get?
Disappointment, that’s what! So
come on, buck up and get it in the
next issue, please!
A Geoffrey Mort
Andrew says: The fact that the Scribus
feature is taking so long is down to
the key problem with it that we’ve
found so far. We want to test it out
properly by putting it in the hands of
our art boss, Stacey. She’s intimately
skilled in the way of Adobe InDesign,
so is the perfect guinea pig for Scribus
(an application pitching itself as a Scribus isn’t working
professional design tool ought to some features we need. I’d very much – so vote for it in our profit sharing for us, so it’s our
be usable by design professionals). like us to be able to support Scribus scheme at www.linuxvoice.com/ responsibility to provide
Unfortunately, so far it it’s missing development – it’s fantastic software profitsvote1 (the code is LV3276XJA). useful, feedback.
12 www.linuxvoice.com
� MAIL
MIND YOUR MANNERS SO FAREWELL THEN
I was sad to read that Chris Brown I loved reading Chris Brown’s
is retiring and will no longer be technical run down articles. I am
writing for your magazine. I’d like very sad to see he will be retiring!
to thank Chris for the enjoyment Tell him he can’t quit yet. I just
and learning I have derived from renewed my yearly subscription!
his articles over many years, both Zane Williamson
in LV and in “another” magazine.
I have always found them to be Graham says: Sorry, but Chris has this
lucid and pitched at the right pesky thing called free will. I’d ban it
technical level. Even when I read if I could, but the next best thing is to
an article on a subject that I was persuade another Linux expert (who
familiar with, I knew that I would has a PhD in physics, like Chris) to
always learn something new. take his place and write the system
I was interested to read, in administration pages as of next issue:
“What the big names say” [in Dr Valentine Sinitsyn!
issue 12], that “Civility” was cited
When Linus shouts at
explicitly by Philip Newborough behaviour as bad as anything
developers, he does so
and implicitly by Boudewijn Rempt we see in the FOSS world. In
as a significant challenge for GNU/ general, commercial companies
in public. When Steve
Ballmer used to shout
CRUNCHBANG
Linux and FOSS, especially as it’s have the luxury of not airing at developers, he did so On the event of its passing into
echoed elsewhere in the same their dirty washing in public. in private. Which would Linux history, I’d like to give a vote
issue as part of the interview Maybe, sometimes, there are you prefer to be on the of thanks for the Chrunchbang
with Lennart Poettering. On the disadvantages to being open! end of? Linux distribution. It breathed new
one hand, it’s good that people Thanks for a great magazine. life into a couple of old machines,
feel strongly on an issue and are Neal Crook, Berkshire saving me a few quid; it saved me
prepared to argue a technical case time, with its speedy boot routine;
and defend it (even to the extent Andrew says: That’s something and it introduced me to a fantastic
of forking a code base and doing I’d never thought of until now. community of users who all just
something new). On the other Name calling, shouting, abuse and want to be nice to each other.
hand, personal attacks diminish bullying all go on in big companies Cheers Philip!
the attacker in addition to doing as hierarchies are established and Gary Waterman, Braintree
the whole community a disservice. maintained, and we’ve all moaned
Sad to say, Linus himself is not about idiot bosses who we wouldn’t Andrew says: Philip Newborough,
blameless in this regard. trust to look after a goldfish, never chief bodger of Crunchbang, has had
Of course, there are arguments mind a team of people. But this all enough and won’t be carrying on with
and bad behaviour within goes on behind closed doors. Maybe the distro. But cry no more – there’s
commercial companies as we’re not such a bad bunch of people very likely to be a community fork in
well – including covert and overt after all? the works…
www.linuxvoice.com 13
� MAIL
LINUX ON THE HIGH STREET
The HP850 with SUSE Linux To help digitally-excluded and
Enterprise at $1,709 and the “W8-baffled” locals who want
Librem 15 (starts at $1,899) are new machines, I wipe W8.1 and
aimed at specialist Linux users install LM17.1 Mate on the HP 255
with plenty of money (to return to G3, which uses an AMD A4-5000
a theme from LV012 Letters). CPU (1905 benchmark). Wherever
What is really needed is a cheap possible I install Mint on their
laptop with a reasonable CPU, existing machines.
preferably running Linux Mint and The price of the HP 255 G3
aimed squarely at the general fluctuates between £200
public. and £220: www.ebuyer.
Mint, with its expanding menus, com/669147-hp-255-g3-quad-
looks very similar to Windows core-laptop-k7h92es-abu.
XP, Vista and W7, and it is a Go on, LV readers, do your bit
comfortable transition for those and help someone you know get to
previously using those systems. grips with a Linux Mint computer.
In contrast, Ubuntu Unity follows Godfrey Green, Cardigan
the W8.1 path which just makes
things unnecessarily difficult for Andrew says: Thanks Godfrey. It’s behind by Microsoft’s baffling user The HP 225 G3 is an
new adopters. encouraging that you agree with Tony interface choices. It really does stand admirable, affordable
Mint comes with virtually all the Hughes, who wrote in last issue’s out from the ‘by geeks, for geeks’ workhorse of a laptop
software that most users need letters pages about his experience of tradition – whisper it, but it could that’ll run Linux Mint no
and programs like Skype can be refurbishing old computers with Linux even be said to be Linux for human bother.
added easily. Mint for those who have been left beings…
HEY, TEACHER!
I noticed your plan to send out free
copies of LV to schools in the UK.
A good move. So I emailed our
local high school (I am in Sydney)
to alert them about the free
downloads available on your site.
No reply yet but you never know.
If anyone else thinks their local
educational establishment could
do with a bit of free software
goodness, why not give them
a nudge and see whether they
respond?
Tim Lloyd
Mike says: Please do; that’s what
they’re there for. The UK (and Estonia,
as we learn from Eben Upton on page
44) is leading the way in computing
education, and we’d like to help that
along by sharing our old issues.
There’s a growing archive of content
available to download for free at www.
linuxvoice.com/creative-commons-
issues, and the best bit is that it’s all
freely licensed, so you can share it
with as many people as you like, copy Thinking about subscribing to Linux Voice? Issues 1–4 and
it, update it and use it however you more are available right now to download completely for free
see fit. Even if you’re in Australia! from www.linuxvoice.com/creative-commons-issues.
14
� MAIL
ENCRYPTION
I read with interest the article in
the March issue from the FSFE
[Free Software Foundation Europe]
regarding email encryption.
Under the section headed
“Practical Advice” the article states
“Thus, the more you encrypt your
messages, the less suspicious
encrypted messages will be.”
I am just taking my first faltering
steps in the FOSS community, but
surely implying that encryption
might reasonably be regarded as
doubtful or of nefarious intent
cedes too much ground to those
who would argue “...if you have
nothing to hide, you have no need
to encrypt your communications,”
46
and undermines the case for a
47
default position where the right is
LV013 046 Ad FSFE.indd 46
06/02/2015 10:43 LV013 046 Ad FSFE.indd 47
to privacy. Surely this must be our starting the FSFE gave us money, but because
06/02/2015 10:43
Unencrypted email is
When I post a letter I seal the point and not a tacit concession we believe in the message and
as secure as sending a
envelope, not because it contains that the right to privacy must be want to share it: encrypted emails postcard – ie not very.
details of my next daring jewel justified. make everyone better off, even if
heist, but because I value my Steve Brodie, Thetford they’re about something as banal as
privacy (as a key feature of a free your shopping list or plans for the
and fair society), and anticipate Andrew says: We’d love to take weekend. You’re right that privacy
the carrier will do the same and credit for those pages, but they were should be accepted by default, but
treat it with respect and discretion. provided by the FSFE. Not because unfortunately it isn’t.
YOUR AD
HERE
www.linuxvoice.com 15
� LUGS ON TOUR
LUGS ON TOUR
Open Source Day, Jersey
We were invited to attend one of the Channel Islands’ inaugural open source event.
W
e learnt lots of things
when we visited Saint
Helier, the capital
dwelling on Jersey, an island in the
English channel a mere 12 nautical
miles from Normandy, France.
We learnt that legal text is written
in a French dialect, Victor Hugo
spent considerable time here while
exiled from France and that you
can’t spend money given to you as
change back when you get back
to England. Jersey is one of those
anachronisms from British history
– a Crown Dependency with the
right to self governance.
Open source is enthusiastically
used everywhere by many geeks on
Jersey, but there are still areas of
the local business community that
need some convincing. Technology
on Jersey seems to exist within its
own microclimate.
This is why Matt Chatterley
and a group of local developers
and hackers decided to organise
Jersey’s first ‘Open Source Day’.
Despite the potentially limiting size
of the local population (around Jersey’s traditional business is finance and banking – two areas ripe with open source potential.
100,000 for the entire island), the
event itself was a considerable control of a Windows PC in front of has hopefully given some local
success, introducing lots of new his audience. businesses another option when
people to many of the ideas we In the afternoon, Rob Dudley it comes to software. That this
all take for granted. As well as an gave a great beginner’s overview event could be organised by a
anecdotal talk given by our own of WordPress, which was followed such a small group of people is a
Graham Morrison, a speech which at the end of the day by a talk by testament to their commitment to
served as the keynote and included Jason Stratford on scaling and open source, and we sincerely
images of an Acorn Electron and a resilience your own sites and hope they’re able to do the same
Commodore 64, there was a single applications. Each one of these next year.
track of workshops throughout sessions typically lasted an hour,
the day. Tom Brossman kicked and as the event was completely TELL US ABOUT YOUR LUG!
off the event by talking about A+ free to attend, gave attendees a
SSL with Ubuntu, followed up by great insight into how open source We want to know more about your
a brilliant talk about exploiting is being used. LUG or hackspace, so please write
to us at lugs@linuxvoice.com and
buffer overflows by Paul Dutot. We really enjoyed our brief time
we might send one of our roving
Paul impressively did this for real, on Jersey, and we think the event reporters to your next LUG meeting.
demonstrating an exploit to take itself was a great initiative that
16 www.linuxvoice.com
� LUGS ON TOUR
London PostgreSQL meetup
Josette Garcia reports from the world of alternative databases.
O
n 21 January, 35 members
of the London PostgreSQL
Meetup met in the offices
of Mind Candy near Old Street (near
the famous Silicon Roundabout). In
case you are unaware, Mind Candy
is the creator of the Moshi Monsters
games for children. You might have
taken your kids to Moshi Monsters:
The Movie. The company has now
created the World of Warriors game,
which seems to be for a more
grown up audience.
Not only did Mind Candy offer the
use of its premises, but it also
provided pizzas and beer which
made it a great opportunity to
meeting some new and old friends
This looks to be one
from the Python community. Rach Belaid, with a session entitled database management system. I of the best locations
After pizza and beer, the real ‘Postgres Full-Text Search is Good found it highly encouraging to see we’ve seen for a geek
session started with Howard Rolph Enough!’. the audience participation – gathering. Tropical
on the key features of PosgreSQL Rach, who is the co-founder of questions were asked, little debates forestation and bean
9.4, which are: web and iOS agency Lost Property, took place – all in all it felt that the bags anyone?
JSONB Binary JSON storage. describes himself as passionate talks were worthwhile and
Replication improvements. about open source and web everybody learnt a little or more.
Changeset streaming/logical standard technologies, and believes I believe the next meetup will
decoding. in an open and collaborative happen in April and will focus on
Performance improvements. working environment to increase Perl, but don’t take my word for it –
Alter System. performance, the quality and the keep checking www.meetup.com/
Refresh materialised view sharing of knowledge. He London-PostgreSQL-Meetup-
concurrently. specialises in Python, Pyramid, Group if you’re in the area and
Backwards compatibility. Unix/Linux based systems and curious about how the heavy lifting
After this the talks continued with uses PostgreSQL when in need of a of the web happens.
Ipswich Makerspace
Tim Elliot reports on the hacking going on England’s eastern shore.
O
ur makerspace is a place with it. We have microcontroller
where like-minded people collectors, quadcopter pilots, robot Turn, came within a gnat’s crotchet
can get together and share builders, several members who of winning Proximity Alert), we are
their interest in science, electronics own 3D printers, and vast numbers launching a series of mini-courses,
and all things technological. The of unfinished projects. to include PCB making, PIC
aim is to share knowledge, show off We meet in a church hall that we programming, SQL, Timelapse
our skills and inspire each other to rent for the evening, and hope soon photography, soldering and more.
new heights of inventiveness. to have a home of our own, where Ipswich Makerspace (Facebook
We meet twice a month, once for we can keep fancy-pants https://www.facebook.com/
personal projects and once for equipment for joint use. groups/ipswichhackspace, Blog
talks, show and tell and group Flushed with the success of our http://ipswichmakerspace.com)
discussions. A chance to learn Tractorbot team at Pi Wars in meets every 2nd and 4th Thursday,
something new like PCB making or December, where we won the 7pm, Trinity Church Hall, Back
hear about the latest tech from Under-£75 category (1st in Hamlet, Ipswich IP3 9AJ, Suffolk.
someone who’s been hands-on Obstacle Course, 2nd in Three-Point Your first meeting is free!
www.linuxvoice.com 17
� SHOW REPORT FOSDEM 2015
Larry Wall gave a hugely entertaining
presentation on Perl 6 – we’ll have an
interview with the man in a future issue!
Our good friends at the Free
Software Foundation Europe were
there, reminding us all that the
freedom in FOSS is more important
than merely the practical benefits.
FOSDEM 2015 This yearly geek-fest in Brussels brings together free
software developers for coding sessions and beer.
Mike Saunders and Ben Everard were there.
F
OSDEM has been running annually since 2001, (www.reactos.org). It’s an obscure project and doesn’t
and is arguably the best European meetup for get much attention, but it runs an impressive range of
developers of free and open source software. (predominantly older) Windows software, and could
It’s free to attend, there’s a packed schedule with help some people make the transition from proprietary
presentations and demos, and it’s fortunately not to free software.
teeming with buzzword-bleating suited business types
trying to sell you data silo-enabled Web 3.0 cloud All change
container internet of things devices, or other nonsense One stand that really grabbed our attention was that
like that. No, this is the place you go to meet real of OpenMandriva LX, a desktop distribution spun-off
geeks: the people working from the once-famous
on Debian, Fedora, Firefox,
LibreOffice, the kernel,
“FOSDEM is arguably the Mandriva. The developers
had an ARM board
Systemd and other pieces best European meetup for connected to a keyboard,
of software with which
we’re all familiar.
developers of Free Software.” mouse and monitor, with a
sign above saying that the
And it’s big, spread distro had been “100%
across several buildings of the Université libre de compiled with LLVM/Clang”.
Bruxelles. Part of the complex is reserved for stands, The primary reason for switching to this new
where FOSS projects can demonstrate their latest compiler over trusty old GCC is compilation speed. One
wares and talk to interested passers-by. The Debian developer explained to us that building the distro’s
stand, for instance, showed a braille typewriter and 15,000 packages takes half the time using LLVM/
screen reader being used by a blind developer, Clang, when compared to GCC, and the newer compiler
highlighting how the distribution really strives to be a also produces better code for low-spec ARM devices
“universal” operating system. (such as the board being demonstrated). While we
Along with big names like Fedora and Firefox, some were there, we also asked the OpenMandriva team if
smaller projects were also represented. We were they could ever consider merging with Mageia,
happy to meet up with the ReactOS team, which is another Mandriva fork. We were told that there are no
working on an open source Windows-compatible OS bad feelings between the projects, and a merger was
18 www.linuxvoice.com
� FOSDEM 2015 SHOW REPORT
Many big-name distros were
present, including OpenSUSE,
Fedora and Debian.
that the kernel code remains fairly standardised and
not dependent on the quirks of a particular compiler.
We attended a few of the lightning talks – 15-minute FOSDEM is always a
presentations that attempt to woo you with new ideas great place to pick
and technology. The developers of Crazyflie, a tiny up merchandise,
quadcopter (www.bitcraze.se/crazyflie-2), such as T-shirts,
even suggested a while back. Today, though, the entertained the audience by flying one around the mugs and stickers.
distros have differing goals, so we probably won’t see arena, while the OP^2 Raspberry Pi-powered phone
a merger any time soon. Also on the subject of won geek points despite its un-Googleable name.
compilers, we attended a talk by Behan Webster, who But our favourite talk of all was from Larry Wall, the
is leading a project to make the Linux kernel lead developer of the Perl programming language. Wall
compilable by LLVM/Clang. He noted that the compiler is a fascinating chap, having a background in
is getting up to par with GCC in terms of code size and linguistics, and his presentations about Perl are always
speed, and is improving rapidly. GCC has come under full of jokes and references to films and books. Perl 6
fire recently for being monolithic – ie it’s hard to use has been languishing in development hell for years,
parts of the compiler toolchain in other projects – but and Wall has often quipped that “Perl 6 will be ready in
according to Richard Stallman, creator of GCC, this is time for Christmas – we just don’t know which year.” Below left Saúl Ibarra
important to make sure it doesn’t just end up as part At FOSDEM, Wall delivered a bizarre and witty talk Corretgé demonstrated a
of a larger, proprietary IDE. comparing the Perl 6 development process with The funky-looking open source
hardware VoIP phone,
LLVM/Clang is more modular and has a more Lord of the Rings, and ended by saying that, yes, Perl 6
powered by a Raspberry Pi.
permissive licence, which is preferable to some users. will be released in time for Christmas. But this time he
Below right O’Reilly had a
It also has other benefits, such as a built-in static actually stated a year: Christmas 2015. This brought a table of its latest books,
analyser for C, C++ and Objective C programs. standing ovation from the crowd, and we managed to with some mightily hefty
Webster noted that building the Linux kernel with grab Wall for a chat afterwards, so stay tuned for an tomes on coding,
LLVM/Clang brings other benefits, such as making sure interview in a future issue. networking and sysadmin.
www.linuxvoice.com 19
� UBUNTU’S NEW PHONE
Inside the…
UBUNTU
PHONE
The Ubuntu phone is here at
last! Explore its development,
its features and what it
means for Canonical and the
Ubuntu desktop.
A
lmost as soon as the first version launched in 2004, including Mint, gNewSense, Google’s own derivatives and the
Ubuntu permanently changed the Linux distribution semi-official KDE, Xfce and Gnome versions. Its easy installation
landscape. 2004 was a time when the desktop was still and no-nonsense approach to adding applications or upgrades
important, and Ubuntu presented the Linux desktop not as alien has forced every other distribution to up their game, and it’s helped
territory, only to be ventured through with the right skills, but as a make the Linux desktop a viable alternative to OS X and Windows.
verdant pasture of adventure and But Canonical is facing something
possibility. As its 2004 tagline of an existential crisis. It needs
proudly proclaimed, this was Linux “Canonical needs to capitalise on to capitalise on its success and
for Human Beings, and it enabled
millions of people to use Linux who
its success and mind-share and mind-share and make more of its
influence. This is happening in the
may not otherwise have done so. make more of its influence.” cloud, with Ubuntu finding favour as
Under the aegis of its parent the first choice behind many servers,
company Canonical, Ubuntu is still a huge success. It’s now but Canonical also recognises that it needs to diversify.
the distribution that non-Linux users will most likely have heard Which is where the phone comes in. First touted as a cutting-
about, or have even tried. It’s used when migrating offices and edge convergence device, and the focus of a hugely ambitious
local councils to Linux, and it’s used in many servers and cloud crowdfunding campaign, the first incarnation of the Ubuntu Phone
instances. It’s also the basis for many other popular distributions, is here. And we’ve got one.
20 www.linuxvoice.com
� UBUNTU’S NEW PHONE
Inside Canonical
Why phones? Why now?
C
anonical employs around 600 technology, but as a swathe of innovations years, and its relevance for both Ubuntu and
people. This makes it tiny in plugged into the heart of its operating Canonical is something called convergence.
comparison to other phone system, from the desktop to the cloud. It’s Originally, convergence meant plugging in
manufacturers. Samsung alone moved had to sacrifice its standing within the your phone and continuing to work with a
1,000 of its employees to work on Tizen, and community to do this – moving away from keyboard and screen. It now means use the
it could do this almost overnight. Canonical Gnome and Wayland, for instance. But this same interface on multiple devices – hence
doesn’t have that kind of infrastructure of has been part of its strategy for staying in the redevelopment of Unity and the Mir
funding. And it’s not a phone manufacturer. control. Canonical is transforming the way display server running in the background
But there’s more to Ubuntu than a popular Ubuntu is put together and used. And the – and that’s a difficult trick to pull off.
Linux distribution. It’s also the most visible first real, physical and tangible step towards Microsoft failed spectacularly by trying to
facet to a company strategy trying to making this a reality is the launch of the augment Windows 8 with touch-friendly
generate income from open source. The Ubuntu Phone. characteristics, despite almost no one being
distribution was famously founded by the The Ubuntu Phone is the most exciting interested in using a touchscreen with their
multi-millionaire space tourist South African development to come out of Canonical for Windows laptops or PCs.
Mark Shuttleworth, after he pooled the initial
team from mailing lists he read while free of Ubuntu phone hardware: Two different makes and models
the internet on an icebreaker. And while
there is an Ubuntu Foundation to ensure the
longevity of the distribution itself, the
distribution is at the heart of a business he
also founded, Canonical.
Like Red Hat, Ubuntu is also used widely
as a server operating system, and more
recently in the cloud, with a reported 64% of
OpenStack deployments – and it’s even
popular on Microsoft’s Azure cloud platform.
But Canonical makes very little money from
all these people spinning up instances of the
word’s favourite operating system. This is
open source, after all, and there’s nothing
forcing anyone to pay for anything, even
when those instances are dialling back to
Ubuntu’s servers for updates and upgrades.
Ubuntu is undoubtedly a huge and
growing success. But it’s also true that
Canonical has yet to tap into the revenue
potential of its own operating system, and
it’s struggling to make a profit. Last year’s
financial report on its performance 2012–
2013 showed a loss of $21,343,00, despite
gross profit being up from $54 million to $61
million. And this is where the requirement for
a new direction steps in, and why 2015 is BQ Aquaris E4.5 Meizu MX4
CPU 4-core MT6582 1.3GHz CPU 8-core MT6595 1.7/2.2GHz
going to be pivotal for its future and the
GPU Mali 400 500MHz GPU PowerVR G6200 MP4
future, health and investment in the Ubuntu RAM 1GB RAM 2GB
operating system. NETWORK 802.11 b/g/n, GSM/HSPA NETWORK 802.11 a/b/g/n/ac, GSM/HSPA/LTE
STORAGE 8GB STORAGE 16/32/64GB
Newbuntu SCREEN SIZE 4.5 inches SCREEN SIZE 5.36 inches
RESOLUTION 540x960 – 240ppi RESOLUTION 1152x1920 – 418 ppi
Ubuntu is used everywhere, but money-
CAMERA 8MP (rear) 5MP (front) CAMERA 20.7 MP (front) 2MP (rear)
making potential has remained elusive. To DIMENSIONS 137 x 67 x 9 mm DIMENSIONS 144 x 75.2 x 8.9 mm
solve that problem, Canonical needs a piece WEIGHT 123g WEIGHT 147g
of its own turf, one that it can invest in, BATTERY LiPo 2150 mAh BATTERY 3100 mAh
capitalise on and hopefully make money CONNECTORS Dual micro-SIM, micro-USB, CONNECTORS Micro-SIM, micro-USB, headphone
headphone jack, MicroSD (up to 32GB) hack
from. And that’s exactly what it has spent
PRICE €169 (only available in Europe) PRICE TBA
the last two years creating – not as a single
www.linuxvoice.com 21
� UBUNTU’S NEW PHONE
Inside the phone
2014 – the year of Ubuntu on your phone?
L
aunching a mobile phone with a new
operating system in 2015 is crazy.
People of Earth carry over a billion
Android devices alone, and Android is
fundamentally an open source operating
system, negating the moral imperative for
creating another. Forking Android has been
shown to work too, at both ends of the scale,
from Amazon to Cyanogenmod. And we
won’t mention other open source
alternatives like Jolla, Tizen or Firefox OS.
But that doesn’t mean someone else
shouldn’t try, and there’s something
intrinsically brilliant about open source in
that it lets projects succeed or fall judged by
their own merits. For Canonical, that means
a strong emphasis on open source, open
platforms and fundamentally, choice.
The turning point for Canonical must Both Canonical’s CEO, Jane Silber, and its VP of Mobile, Cristian Parrino, gave an impassioned talk
surely have been the Ubuntu Edge about the importance of the Ubuntu Phone at its launch in February 2014.
crowdfunding campaign in 2013. It was
ridiculously optimistic: Mark Shuttlworth But it was a spectacularly winning failure: Most people at this event are vocal
was asking for $32 million to give $10,267,352 was pledged from more than community members, or people who have
Canonical the cash to build a cutting-edge 22,053 contributors, making it the largest helped Ubuntu in some way. They’re not
smartphone running its own operating crowdfunding campaign of the time. And always the people with the largest number
system. Of course, the campaign failed. whether this was a publicity stunt or a of followers on Twitter, or YouTube. They’re
genuine attempt to fund a new phone people with a genuine enthusiasm for
platform, there’s no doubt it left Canonical Ubuntu and Canonical, and this sincerity is
with the very real desire to create a phone. what comes through from the beginning,
when the announcement finally comes.
Two years later “There are no words to describe how
Two years later, we find ourselves in London excited I am, and the rest of our colleagues,
on a chilly morning in February. We’re sitting the engineers, our CEO, people who do the
with approximately 40 other people in a design, Mark…” says Cristian Parrino, VP
hotel in London. This is an ‘Insiders Event’ of mobile at Canonical, by way of a very
where the long awaited Ubuntu Phone is emotive introduction. He goes on to talk
going to be revealed in partnership with BQ, about not bringing another app-centric
a major phone and tablet manufacturer mobile phone platform to the market, about
from Spain. giving users a richer, less fragmented
That Canonical isn’t launching the phone experience, “but most of all, more personal.”
after a campaign of tantalising leaks and a
conclusive fireworks display at Mobile World The origins
Congress is a significant sign that Canonical For us, Ubuntu’s netbook remix is the
knows it can’t compete with the likes of starting point of what has become Ubuntu
Samsung. Its Ubuntu Phone is going to Touch and Ubuntu Phone. It was here that
need to attract a different kind of customer. the first pixels of what would become Unity
This is likely the same reason why early made an appearance – a launch bar down
batches of the phone we’re about to get our the left of the screen, and a frugal use of
hands on are sold ‘flash sale’ style to try and display real-estate. This was followed by
generate as much interest as possible. BQ a migration to full-screen applications and
has said it was handling 12,000 orders per unified menus and finally, the idea behind
minute during those initial flash sales, and scopes. The scopes idea is Canonical’s great
Scopes are how you interact with the Ubuntu selling out within 10 minutes, but there are hope for the Ubuntu Phone, because it’s
Phone. They can be installed, removed and their no specific numbers available on the final what it hopes will differentiate its operating
order shuffled around, but they’re always there. quantities that have been sold. system from the competition, and it’s what
22 www.linuxvoice.com
� UBUNTU’S NEW PHONE
we first played with when we finally got the from a selection of websites. But getting
phone in our hands. this message across to users of a new
Canonical hopes that scopes will smartphone is going to be a challenge.
differentiate their efforts from those of Scopes on the Ubuntu Phone are the
the competition, and perhaps, justify its default view. They’re what Canonical wants
commitment to both the Mir display server, you to use to get the most out of your device
already running on the Ubuntu Phone, and they’re launched with the easiest screen
and the Unity desktop interface. Scopes gesture to pull off – swiping from the left
are tied closely to Unity and Canonical’s edge of the display into the middle of the
convergence strategy – using the same screen. This is initially confusing, because
user interface and even sessions across this same gesture also displays the launch
multiple devices, which is why Canonical panel, a vertical list of running and quick-
has gone it alone with so many of the APIs launched apps that’s functionally identical
behind the desktop. to the desktop edition. Continue swiping and
the currently running app is slid to the side,
Scope for improvement revealing whichever scope you were running
However, the first and biggest problem with previously. The first scope is labelled ‘Today’,
scopes isn’t a technical one. It’s explaining and it’s the perfect example of the kind of
what they do and why they’re potentially so data scopes pull into a single window.
powerful. This isn’t so much a problem on The Today scope is Ubuntu’s equivalent to
the desktop, Google Now, only
where we’ve got
used to scopes
“You cannot bring a phone to the information it
pulls together to
as a way of market by turning out another show on a single
switching
between
app-centric interface.” panel is totally
under the user’s
Just like the panel on the Ubuntu Desktop, you
different kinds of control, and far
can pin applications and switch between those
search result. However, it’s not always clear more comprehensive. And unlike Google that are running on the Ubuntu Phone.
what advantage this offers over a sorted list Now, the developers have complete control
of results – where images or music files over what information is aggregated and
appear separated from other documents how, rather than relying on Google’s dark external services, listing Twitter trends, for
that satisfy the search criteria, for example. magic and an open invitation to raid your example, or the latest new stories. Scopes
The answer is that the results are web browsing history. The Today scope are enabled and disabled by using stars in
aggregated from various sources. For shows the date, the local weather and the top-right of each view.
music, that might be your local music upcoming events, as well as phone-specific Pressing the ‘Configure’ icon in the
collection, an online service and perhaps a events such as recent calls and messages, top-right alongside the star will enable you
store. For news, that might be the top stories for instance. It also pulls in data from to choose elements you want enabled or
disabled. For Today, that means a list of 15
different sources, from upcoming holidays
to FitBit stats. It’s this kind of aggregation
that’s key to how scopes work and why they
could potentially be more effective than
running a single app for a single task.
They’re not that dissimilar in function to
the user interface of the hugely successful
Pebble Time, which has just been
successfully crowdfunded. With the Pebble
Time, rather than making its users launch
specific apps for specific functions, it takes
nuggets of information from various app
and data sources and presents these on a
timeline that stretches from the past and
into the future – just as you might expect
with a watch.
Scopes can do the same thing, only they
are most useful when there’s some context,
such as pubs close to your location, major
news stories or Wikipedia entries for sites
close to where you’re staying, and they’re
The phone’s web browser is derived from the same rendering engine used in Google’s Chrome. what makes the phone so interesting to use.
www.linuxvoice.com 23
� UBUNTU’S NEW PHONE
Some of our favourite scopes
Forget apps for now – these are what Canonical wants you to be impressed with.
NearBy Music NearBy Articles
If there’s one example that best epitomises The Music scope lists results from several This is such a simple scope – it provides a
the idea behind scopes, it’s this. Taking your mainstream music providers, including single paragraph for Wikipedia entries that
location as a starting point, this scope 7digital, SoundCloud and YouTube. Many of have a geographical location close to your
populates itself with music, photos and us listen to music from more than one current position. But it’s brilliant. You often
restaurants that have some link to where source, and a scope for managing your find yourself updating the scope even when
you’re currently standing. A drop-down access to those sources when you just want you’re driving through somewhere that looks
menu also lets you choose a mood. Telling to listen to something makes better sense interesting. If you need to know more, click
NearBy that you’re thirsty will return a list of than opening separate YouTube or on the link to open the web browser.
bars (a fish bar was top of our list); if you say SoundCloud apps, but the back-end is a little If you wanted to replace NearBy with this
you’re stressed, you’ll get the location of your too limited at the moment. The other Articles scope, you can swipe up the scope
local spa, some relaxing music suggestions problem is that the security lockdown on the configuration panel, hold down on the scope
and a list of games. It will even pull in device doesn’t let third-party apps play you want to move, and the management
information from other related scopes, such music in the background. Photo and video view will appear, allowing you to drag and
as local Wikipedia entries. scopes offer similar facilities. move the position of any of the scopes.
News Open Library Shopping
The News scope is another powerful Many of the applications and scopes that This scope aggregates products in the same
example of scopes working well, giving you can be downloaded from the Ubuntu Store way that other scopes aggregate music or
a lot of control over what kinds of stories are open source and their licence is an news. Default sources include eBay, Amazon
(and their sources) are delivered to your important part of the information you’re and Etsy, and it could potentially be a great
device. An RSS feed is presumably the presented with before download. Open way of listing the same products from
source for this data, as there’s only a Library is one of the many open source different sources so that you can compare
paragraph and a single image to accompany applications that feels like an online store prices and services. This is what it does
the stories, but it’s enough to give you an but it’s actually listing books that you can when you use the search field. But it could
overview of what’s happening and how legally read for free. Most of these are be expanded to do so much more. The GPS
those stories are being reported by the classics, but the Open Library also lets you could be used to list useful products when
different media outlets displayed within the borrow digital books, as well as download your phone knows you’re away – such as
page. The only serious omission is the ability those that are out of copyright, often as PDF, umbrellas in London – but it could also list
to add your own sources, but there are other HTML and ePub. competing prices or products when it knows
RSS readers for that purpose. you’re in a specific store or looking for a gift.
24 www.linuxvoice.com
� UBUNTU’S NEW PHONE
Gesture control
How the Ubuntu phone is innovating in user interaction.
A
t the top of each scope panel,
there’s a small breadcrumb trail of
dots, which are used to represent
which scope you’re currently looking at.
Swipe left or right across this small section,
or any blank section of background, and you
swipe between scopes in the same way you
might swipe between virtual desktops.
One of these scopes is called ‘apps’, and
this is where users of other phones will feel
at home. This scope behaves exactly like
the app launcher for Android and iOS, and
includes access to the Ubuntu Store and
some integral functions like messaging, the
camera and phone. The app icons can’t be
manually rearranged, but they can be limited
by category and pinned as a shortcut to your
launch bar, just as you might on the desktop.
Left, right, up, down
One of Canonical’s other innovations is
the use of every screen edge to trigger a
gesture. As we’ve seen, dragging in from You can always swipe from the right screen Those dots and circles on the unlock screen are
the left edge will first show the launch edge to quickly switch to the previous task or used to tell you how many things your phone
panel before swiping away the currently open the task manager. has done today – such as photos, or messages.
running application to reveal the scopes
interface. Swiping from the right edge is the you to select them or flick to close them. continue to hold one of these gestures
equivalent of launching the task switcher. A quick swipe is a shortcut to the previous and reverse your motion, the gesture is
Every application you’ve got running is application you were running. One feature cancelled. For task switching, that means
concertinaed across the screen, enabling unique to the Ubuntu Phone is that if you you can see what’s running and slide back
to your original app without any interruption.
Get developing! The same principle is used for the
notifications and quick settings panel, which
Getting developers to write new applications for is pulled down from the top border.
a new platform is fundamental to its success. As The panel you see will depend on where
Cristian Parrino put it when introducing the phone, your finger is located horizontally across the
how to attract developers “is the quintessential
top of the screen when you initiate the drag.
question.” And considering Google has only just
started to get serious with its own development On the far left, you’ll get the notifications
environment – Android Studio 1.0 was only list, while on the far right you’ll be able to
released in December 2014 – Canonical has configure the date and time. Between these
already made great progress by providing a fully points, there are panels for rotation, files,
fledged development environment. The Ubuntu
location services, Bluetooth, networking,
SDK is easily installed from any Ubuntu desktop
and it includes the development libraries, an sound and battery life. But if you hold your
emulator for testing code without any hardware, finger down and move to the left and right,
and a graphical development environment. You can you can switch between these modes
also perform all kinds of remote tasks on your real The development environment for Ubuntu dynamically and even close the panel
Ubuntu Phone, such as connecting securely via an Touch applications is a customised version of without performing a single function.
SSH session. the exceptional Qt Creator.
The application at the heart of these The final edge – sliding up from the
development tools is the venerable Qt Creator, with bottom of the phone – is used to open a
a few modifications to act as a portal for Ubuntu functional applications without too much difficulty. contextual menu. The contents of this menu
Touch development. The reason for this choice is Another option is to use HTML 5 to develop your change depending on what application
QML, the scripting framework that takes the best applications. Many of those that are bundled
you’re running. From any scope, for example,
bits of JavaScript (ubiquity and speed) and binds with the phone, and the desktop, do exactly this,
them to the expansive Qt user-interface library. and it means you can create truly cross-platform you can use this menu to enable, disable
This should enable almost anyone to build fully solutions from the same codebase. and install other scopes, while the Call
function uses the menu to list recent calls.
www.linuxvoice.com 25
� UBUNTU’S NEW PHONE
Applications
Our favourite apps for the Ubuntu Phone OS.
1 2 3
4 5 6
1 Camera We take more photos than we make 3 Dekko An ace email client built to use all of system isn’t hidden from the users, but
phone calls with our phones, so this app is the Ubuntu Touch UI elements. 4 Terminal This everything is strictly sandboxed. You can still
important. 2 Cut the Rope There are many wouldn’t be Linux is we couldn’t access the modify your own files freely. 6 OSMTouch
games but not so many tier-1 titles. This will terminal, and Canonical’s own application is There are a few options for navigation, but this
change as more developers get on board. one of the best . 5 File manager The operating is the best way of accessing OpenStreetMap.
26 www.linuxvoice.com
� UBUNTU’S NEW PHONE
Convergence
The future of Ubuntu – and some would say the future of computing.
C
“ onvergence is the future of
computing. So we’ve reshaped Snappy Core and the cloud
Ubuntu and combined the mobility of
a smartphone and the power of a desktop One of the best things to come out of Ubuntu
on a single device.” Touch is Snappy Ubuntu Core (see issue 12 for our
These were the words chosen by Mark FAQ). Snappy Core is a minimal version of Ubuntu
along with a cloud-focused package manager
Shuttleworth to start the promotional
that makes it easy for sysadmins to create
video that accompanied the launch of the new services and spin them out across lots of
Ubuntu Edge crowdfunding campaign back instances or servers. Like Docker, each application
in 2013. And despite convergence being is isolated, self-contained, sandboxed and secure
a difficult word to market, lots of potential – a development that only came about because
Canonical needed a self-contained, sandboxed
users got excited by the idea of connecting
and secure solution for installing applications on
a keyboard and screen to their phones to Ubuntu Touch.
work more productively, just as you would According to the OpenStack Foundation global Snappy Core and Ubuntu’s success in the
on a desktop PC or laptop. The Ubuntu survey, Ubuntu is the most popular host and cloud are both positive side-effects of
Phone doesn’t have these features, but guest operating system, with more than half of investing in new ideas.
all OpenStack instances running Ubuntu, an an
convergence was still an important part of
even larger proportion for public clouds. If Snappy stronger position, as will the many users who cut
the launch presentation. But the emphasis Ubuntu Core can help Canonical turn some of that their teeth with Ubuntu as a first distribution and
was different. Mark, for example, mentioned popularity into profit, Ubuntu will be in an even want to find work within the industry.
convergence as the unification of x86 and
ARM – the combination of laptops with
mobile phones. But this isn’t likely to be from features touted for the Ubuntu Edge aren’t Shuttleworth said you’d be able to do. The
the same devices, and is more likely to be a in Ubuntu Touch today, they may not be far Unity, Mir and Xmir code needed to perform
feature that enables you to continue using away. Ubuntu Desktop Engineering Manager, these tricks isn’t quite ready yet, but it looks
the same application or workspace on more Will Cooke, has prepared a demo running on like it’s not going to be far off, which won’t
than one device. both Intel and ARM tablets running Ubuntu affect the modest BQ Ubuntu Phone, but it
Ubuntu has been reshaped too, as Mark Touch, where applications pop-out of full will open new possibilities for convergence
originally promised. Scopes are an integral screen and into a windowed mode when on faster tablets and phones, as well as the
part of desktop Unity, even if they’re not as you connect a wireless mouse, and you can Ubuntu Desktop itself.
developed or as diverse as those that appear run desktop applications like LibreOffice and
on the phone. And while the single-device finally connect to a real screen, just as Mark A future full of choice
Ubuntu Phone, Ubuntu Touch and the Unity
desktop are all part of Canonical’s strategy
to put Ubuntu into a stronger position. If this
succeeds, it will mean the future of Ubuntu
is assured, even if the desktop becomes less
relevant through more convergence with
other devices.
But most importantly, it offers choice.
As Jane Silber said when speaking at the
launch of the phone, “We’re not at the end
of what personal computing looks like.”
In many ways, we think we’re still at the
beginning. iPhone and Android are winning
the current round, but we all know how
quickly things can change, and we’re happier
in a future where companies like Canonical
try new things, than a future where they
accept the status quo and things stay the
same. This is what’s so good about the
emergence and the final release of the
Ubuntu Phone. It takes what started as an
easy alternative desktop operating system
and pushes it into our pockets – and that’s
Core applications include the web browser, the gallery, a note taking tool and the media player. something to get excited about.
www.linuxvoice.com 27
� FEATURE CRYPTOCURRENCIES
Cryptocurrencies:
Bitcoin and the
Altcoin revolution
There are now hundreds of cryptographically secure currencies,
but why do they exist and which ones should you trust?
C
urrencies backed by cryptographic guarantees others, known as altcoins. Some of these altcoins are
rather than by governments or precious metal gaining popularity, while others are languishing
stores first became famous with the dramatic without value and without miners to keep the
rise of Bitcoin in 2013 when one Bitcoin rose from a blockchain moving. Some of these new
value of $14 to over cryptocurrencies hope to
$1,000. The last year has
been a bit less impressive “The last year has seen add new features, or
improve on the Bitcoin
and the price of Bitcoin Bitcoin become better known model in some ways;
slumped to about 20% of
its peak. and more useful than ever.” others are just scams
perpetrated by people
Despite the low price, hoping to get rich quick.
there’s good reason to be positive about Bitcoin. The Almost all cryptocurrencies work in the same way
last year has seen the currency become better known – the method pioneered by Bitcoin. Miners calculate
and more useful than ever. You can spend it in more new blocks that are added to a cryptographically
places, and Linux Voice subscribers can renew their signed list that goes back to the very beginning
subs with it (we hope to roll out sales for new (this list is known as the blockchain). Transactions
subscribers soon). Bitcoin is by far and away the most are added to the blockchain, and once there, they’re
popular cryptocurrency, but there are hundreds of an irremovable part of the currency’s history. This
28 www.linuxvoice.com
� CRYPTOCURRENCIES FEATURE
permanent ledger of every transaction prevents both
double spending and making fake coins. Anyone can
inspect the blockchain and make sure that the coins
are valid (that is, they can be traced back to the point
they were mined) before making a transaction.
However, despite working in the basic same way,
there are some important differences between the
currencies. Perhaps the biggest distinction from a
technical point of view is the hashing algorithm used
to mine and secure the blockchain. Some of the most
popular are:
SHA256 Used by Bitcoin. This algorithm is now
implemented in highly efficient ASICs (see boxout
on mining), so it’s no longer possible to mine it
efficiently without purchasing specific mining
hardware. There is a slight risk that this could leat to
a small number of people getting control of a large
amount of the hashing power (by limiting access to
hardware). However, currently this isn’t happening
Almost all cryptocurrency
Scrypt Originally this was thought to be resistant to current hashrate in an attempt to keep the blocks
wallets are forks of the
ASIC (chips built for the sole purpose of creating being mined at a consistent rate, and the target rate Bitcoin wallet, which
coins) miners, because it requires more memory is different for each coin. Bitcoin, for example, adjusts means they have a Qt
that SHA256. However, there are now Scrypt ASICs the difficulty to try and keep a new block appearing version that runs well on
that can mine more effectively than GPUs. The on average every 10 minutes. Since a transaction Linux. This picture shows
difference isn’t as great as with SHA256 though. isn’t valid at all until it’s in a block, and not considered the Darkcoin wallet.
This is the hashing algorithm used by Litecoin. secure until it’s in six blocks, it can take up to an hour
X11 This isn’t a single hashing algorithm, but a for a transaction to be considered valid. This level of
collection of 11 different hashes chained one after time is fine for some transactions, but it’s not very
the other. The theory is that this complexity will good for, say, paying in a shop.
make it harder to design specific hardware to
perform the hash effectively, and that this will slow
down the development of ASICs and keep the Hash rates and block times
mining more democratic for longer. At present, Many other cryptocurrencies have faster block times.
there are no ASICs that can mine X11 (though some For example, Litecoin tries to get a new block every
vendors erroneously claim that they do). However, it 2.5 minutes. This has two implications. First, it means
is likely that if an X11 coin becomes valuable, ASICs that transactions are included in the blockchain faster,
will follow. The most popular X11 coin is Darkcoin. but consequently, it means that it’s cheaper for a
Coin miners are constantly mining new blocks. malicious user to manipulate a single block in the
The number of blocks mined since a transaction blockchain. The reason that blocks are considered
was included in the block chain is the depth of secure in Bitcoin once they reach a depth of six is
the transaction (sometimes called the number of because at a depth of anything less than that an
confirmations). The deeper the transaction, the attacker with access to very powerful computers
harder it is for anyone to reverse it. It’s common to could try to out-mine the mining network.
say a transaction is verified once it reaches a depth The rules of Bitcoin say that the longest block chain
of six blocks in Bitcoin. Each coin has an algorithm is always the right one. Therefore if a transaction is
that adjusts the mining difficulty depending on the included in one block, an attacker could start mining
Mining: can it become profitable again?
The original aim of mining was to distribute the task of using Field Programmable Gate Arrays (FPGAs) – these are
generating the block chain to anyone with a computer who blank chips onto which you can load circuits – and later using
believed in Bitcoin, and so many of the early coins were mined Application Specific Integrated Circuits (ASICs), which are
on regular computers. However, as soon as Bitcoin started custom-built chips. These days, it’s not profitable to mine
to become successful, people looked for ways to mine them unless you have some of the latest generation ASICs and
more quickly. access to cheap electricity.
Graphics cards can be programmed to mine the SHA256 Currently, the best X11 currencies such as Darkcoin are
hash quite effectively, and once software came out to allow right on the edge of being profitable to mine using a GPU.
this, it was no longer profitable to mine on CPUs (the cost of If there’s an increase in price, this could mean that you can
the electricity was more than the Bitcoin reward). actually make money using your graphics card again, though
It didn’t stop there though. People started to make FPGAs and ASICs will probably follow if mining X11 remains
hardware specifically to mine coins quickly. First, this was profitable for long.
www.linuxvoice.com 29
� FEATURE CRYPTOCURRENCIES
What’s not yet clear is the best approach to
rewarding miners over a long period of time. Bitcoin
halves the number of coins miners receive when
they mine a block every four years. This means that
fewer and fewer new coins will enter circulation as
time goes on, and there is a limit on the number of
Bitcoins that will ever be created – 21 million. The idea
is that this limitation of supply will cause the value of
Bitcoins to remain high.
On the other hand, Dogecoins will be mined forever.
There is a risk here that these new coins will cause the
currency to constantly fall in value. However, if growth
in the Dogecoin market out-paces the new coins, it
will mean that the coins will still raise in value and the
miners will still be incentivised to mine. In currencies
where there’s a limit on the number of coins mined,
there are often transaction fees (usually voluntary)
that can be used to compensate miners when there
are no more rewards for mining blocks.
Some mining pools (such
on an earlier block, and if they can mine two blocks In reality, for a cryptocurrency to be healthy,
as multipool.us shown
here) move between before the rest of the network can mine one, they can miners have to be paid. The falling block rewards
different cryptocurrencies remove the transaction from the block chain even and transaction fees model (like Bitcoin, Litecoin,
depending on how though it appeared in one block. The deeper in the Darkcoin and many others) mean that people who
profitable each currency is block chain a transaction is, the more processing make transactions will pay the miners. In a currency
at the time. power they would need– and therefore the more that continually creates new coins (like Dogecoin), it’s
expensive it would be. The faster block time on the people who hold coins that pay (because of the
Litecoin means that an attacker would need fast devaluation caused by the increase of supply).
hashing power for less time to reverse one block,
so to get the equivalent level of security you need a Darkcoin
transaction to be deeper. This covers most differences between most
However, many transactions are quite small. cryptocurrencies. However, there is one that’s a little
It’s never going to be worth doing this to reverse a different: Darkcoin. This currency set out to fix what
transaction for a can of coke or a pint of beer. For some people see a fundamental fault in the Bitcoin
these smaller transactions a single block is enough, network: the lack of privacy. Since the block chain is
and that’s going to be much quicker on average in the public, everyone can see every transaction that’s ever
currencies with the shorter block times. happened, and which wallets hold how much money.
All cryptocurrencies give coins as a reward to Darkcoin includes a masternode network. These are
miners. However, they manage this in different ways. a sub-set of the nodes on the network that are used to
Some have a large number of pre-mined coins that are obfuscate the source and destination of a transaction
for the currency’s developers. Some have a fixed limit in a similar way to the method the Tor network uses
on the number of coins that will ever be created, while
others will keep mining them infinitely. A large number
Pump and dump
of pre-mined coins (ie coins that were created before
the currency went public) can be an indicator that the Bitcoin’s sudden rise in price in 2013 has lead many
currency’s creators want to enrich themselves rather people to believe that similar things will happen for other
than create a sustainable currency. currencies, and that all they have to do is wait for one to
start to rise in price, then buy, and wait to reap the profits.
This has led to the use of pump and dump scams. This
is where a group of people artificially inflate the price of a
particular cryptocurrency (or other tradable commodity) for
a short period of time, then sell their stake while the price is
high and leave it to crash.
Inflating the price can be done by pushing out positive
news stories that give a false impression of support for
the currency, buying up quantities of the currency on
exchanges, or almost anything else you can think of.
Before investing in a currency, you should always be
aware of the risk of this form of scam. All currencies
will have peaks and troughs, and cryptocurrencies are
particularly volatile; before investing in a currency, take
a look at its history and coverage and decide for yourself
Using sites like blockchain.info you can see everything whether it seems legitimate.
that’s ever happened on the Bitcoin network.
30 www.linuxvoice.com
� CRYPTOCURRENCIES FEATURE
The next Bitcoins?
Litecoin One of the oldest altcoins, Litecoin was released
in 2011. It uses the Scrypt hash and has quite a short
block time.
Darkcoin A cryptocurrency with a unique system of
masternodes (see main text). Launched in 2014, it’s still
quite new, but already it’s the sixth largest cryptocurrency
by market capitalisation.
Dogecoin The logo is of a Shiba Inu dog, which became
popular on the Reddit social network. This currency’s
popularity is almost entirely down to marketing. Users of
this currency have raised money to sponsor a Nascar
driver, and pay for the Jamaican bobsled team to
compete in the Winter Olympics.
Ripple This isn’t a cryptocurrency like the ones we’ve
dealt with here because it relies on trust rather than
cryptographic proofs. In reality, Ripple is more of a Fig. 1: the price history
payment system than a currency and isn’t easily thorough understanding of the coins you’ll be trading,
of Bitcoin in USD from
compared to more common cryptocurrencies. and an account with an exchange. Trading is all the CEX.io exchange. The
Potcoin A cryptocurrency set up to support the legal about predicting what will happen, then arranging red and blue blocks show
marijuana industry around the world. Some of the your currencies to maximise your profit when that the range of prices paid
proceeds have been used to support the use of the drug
happens. You can hold on to currencies for a long for Bitcoin in each time
for medical uses.
time in the hope that they’ll continue to rise in value, period, while the grey bar
or you can shuffle money around and try to take graph shows the number
to protect anonymity online. In order to provide some advantage of spikes in value. of Bitcoins traded in that
time period.
protection against an adversary taking control of a There are quite a lot of exchanges listed at https://
large number of the masternodes, each masternode www.cryptocoincharts.info/markets/info. It’s usually
has to be linked to a wallet with 1,000 Darkcoins. wise to hold some of your coins in a private wallet
A useful side effect of the masternode network is rather than on an exchange, or spread the risk by
that they can be used to guarantee almost instant having accounts on more than one exchange.
transactions known as InstantX. Sending using There are two key graphs that you’ll see on an
InstantX, a transaction is locked by a group of exchange that will help you see what’s going on: the
masternodes until it reaches a sufficient depth. This price history (figure 1), and the market depth, shown
means that you can have a high degree of security of in figure two. This is an amalgamation of the various
a transaction with the space of a few seconds. orders out. If you own Bitcoins and want to sell them,
you put out a sell order showing the price you’re
Trading willing to sell them at. If you want to buy them, you do
It’s possible that investing now in the right currency the same but with the price you’re willing to pay. The
will make you huge sums of money in the future. blue line is a cumulative line for the buy orders and
It’s also possible that you will lose your entire the green line is a cumulative line for the sell orders.
investment. Cryptocurrencies aren’t a safe way of Where they meet is the current market price for
holding money, but then neither is anything that Bitcoins on this exchange. The skill of trading is being
has such high potential returns. If you want to start able to read these two graphs and deciding what
trading cryptocurrencies, you’ll need two things: a prices to place your orders.
Bitcoin Market Depth
200
Number available to buy or sell
150
100
50
0
120 192 216 227 236 246 256 285 320 350
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
Price (US dollars)
The point at which the blue (buy) and green (sell) lines meet determines Bitcoin’s market price.
www.linuxvoice.com 31
� FEATURE GET INVOLVED WITH FOSS
CREATE YOUR OWN
FREE SOFTWARE
PROJECT
Got a great idea for an application or game? Not sure how to get
started and attract other developers? Mike Saunders is your guide.
F
ree software is tremendously democratic. chance of being a success. We’ll show you how
Anyone with a computer and an internet to plan ahead, market your software, pull in new
connection can get involved – there are no developers and get into the major distros. We’re
barriers of wealth or social status. Being educated basing this on experience too: this author runs a small
in computer science helps, but there are plenty of operating system project (http://mikeos.sf.net) that
people working on free software at Red Hat, Canonical has had over 60,000 downloads and contributions
and Intel who’ve never from 20+ developers
been to university, and
who acquired their
“Anyone with a computer and around the globe. Lots
has been learnt since
positions simply by an internet connection can get the project started in
writing great code.
So anyone can
involved with Free Software.” 2006, and we’ll share
these experiences here.
contribute to free
software, and anyone can start a new project as well. Naming, hosting, and choosing a licence
But how do you turn that great idea in your head into It’s crucially important to choose a good name from
a real-life success? The likes of SourceForge and the start. You might be tempted to use a temporary
GitHub are littered with now-abandoned projects with name or some clever geek pun, but if you have to
barely 50 lines of code, which initially started as grand change it later, you’ll probably have to use new URLs
ideas to create the next killer music player, email client for your project page and then lose a bunch of hits
or game. Yes, free software is awesome, but 95% of from web searches. Your name should also be
projects never get off the ground or are abandoned appropriate for the 1.0 release as well. Consider
after a few weeks. Minetest, an open source Minecraft clone: it wasn’t
Over the next few pages we’ll show you how to such a bad name at version 0.0.1 when it was literally
avoid this, and make sure your project has a proper just a quick test to see if the developer could hack
32 www.linuxvoice.com
� GET INVOLVED WITH FOSS FEATURE
together a Minecraft-like engine, but now the game is
much more complete and the name belies the extent
of its features.
Also, avoid using special characters that cause
problems with URLs or search engines. At FOSDEM
we came across the OP^2 project to build an open
source VoIP phone – but just try Googling that name.
You’ll have absolutely no luck, and if people can’t even
find your project on the world’s biggest search engine,
your name means nothing. (We’ve seen even more
horrific examples over the years, including project
names containing asterisks and pipes. No, no, no!)
Try to come up with a catchy name, and note that
it doesn’t have to be directly related to the type of
software you’re writing. Firefox has nothing to do with
fire or foxes, but it’s a short, unique and slightly odd
name that everyone remembers. And again, think of
Googlability: don’t go too generic. The Gnome 3 team
decided to rename its Epiphany web browser to simply
Web, but imagine what that’s like for people searching
GitHub is one of the most
for solutions on Google. “Epiphany page load crash” is for periods of time. SourceForge got some flak
popular project hosts, and
going to get you much better results than “Web page recently for modifying installers of FOSS Windows includes an issue tracker
load crash” – so we don’t think that was the smartest programs to include (optional) adware, but this hasn’t for users to report bugs.
move by our friends at Gnome. affected Linux users.
If you’re passionate about free software principles,
Finding the right host want to use the GPL for your licence and plan to avoid
Next, you’ll need some kind of web presence for your all non-free file formats (such as Flash) on your web
software. The sheer variety of options on offer can be pages, you could try Savannah (http://savannah.gnu.
overwhelming, but there are a handful of websites org). Another alternative, especially for those creating
that we recommend. GitHub (https://github.com) is software that’s tied in with Ubuntu, is Launchpad
the most popular right now, and lets you create a at www.launchpad.net. Then there’s Google Code
source code repository that anyone can clone via Git (http://code.google.com) which is fairly limited but
and then work on their own branch. GitHub is great for very reliable thanks to Google’s mighty data centres.
fast-moving projects with lots of contributors, A few notes on creating your web presence: always,
although the services on offer are rather limited – you always say what your program does right at the top
can’t use it to create forums or mailing lists. of the page. So many projects have awesome-looking
SourceForge (www.sourceforge.net), meanwhile, is websites that don’t actually reveal a single thing about
one of the oldest FOSS project hosts and includes the the software in question. Additionally, make sure
aforementioned forum and mailing list facilities. You to include a news section (with dates) on the front
can even administer the website of your project over page – again, ideally near the top. This way visitors
SSH. SourceForge is a giant site, though, and it can be will see that your project is alive and being updated.
fiddly to use; we’ve also seen it become inaccessible Try to summarise what’s great about your program
in a few bullet points, and include screenshots. If
you can’t make pretty images (eg it’s a command
Which language? Which toolkit?
line program), try installing a screen recording tool
Blimey – those are topics that could fill an entire year’s from your distro’s repositories such as RecordItNow
worth of Linux Voice. We won’t tell you which language, or SimpleScreenRecorder, and make a few videos
toolkit or framework to use here, as everyone has their showing off the features.
personal favourites. C and C++ are important if you want
to write Gnome/GTK or KDE applications respectively,
and Java is well supported on Linux too. Some Gnome Choosing a licence
programs are written in Vala, a C#-like language that’s Before you write a single line of code, it’s important to
loaded with useful features. settle on a licence for your project. You can’t just say
If you’ve never done any programming before, but always that your program is open source or free software – it
wanted to give it a go, we recommend starting with Python.
It’s easy to read and lets you make command line tools,
needs to have some kind of licence attached to it, so
GUI applications and games. You’ll find a friendly tutorial that contributors know what they can do with the
targeted at non-programmers online at http://tinyurl.com/ code. By far the most popular licence in the Linux
python3newbs, and once you’ve worked your way through world is the GNU General Public Licence (GPL), which
that, you can look at creating desktop tools using PyGtk/ says that the source code is free for anyone to read,
PyQt, or games with PyGame. If there’s anything you’d like
us to run a tutorial about, let us know!
modify and share. But the GPL is more complicated
than “just do what you want”; it also enforces these
www.linuxvoice.com 33
� FEATURE GET INVOLVED WITH FOSS
BSD licence also ensures that you get credit for your
work when it’s used in other projects.
If you’re not interested in any restrictions and don’t
care about being credited as the original author, you
can release your code as public domain
(www.unlicense.org). Alternatively, you could try
the Beerware licence (http://en.wikipedia.org/wiki/
Beerware) which says: do what you want with the
code, but if you find it useful and happen meet me one
day, buy me a beer.
Even if you don’t care about the licence now, bear
in mind your future contributors. Many people are
passionate about the GPL and its enforced sharing
mechanisms, so it’s the best licence to choose if you
want to attract the widest pool of developer talent.
Writing the code, and bringing people on board
So many developers make a crucial mistake in the
first stages of a project: they start asking around for
contributors. This sounds like a great thing to do, and
is very tempting – after all, if you tell the world about
The GPL is a good default
freedoms on others. So you can’t take a GPLed your awesome idea, you’ll soon have a team of 20
choice of licence, but see
www.choosealicense. program and make something proprietary out of it hacking away on code, graphics and documentation,
com if you want to explore – you have to share your modifications under the won’t you?
some alternatives. same terms. Well, no. Until you have anything to show, even a
Most of us love this licence, and it has stopped 0.1 version, many potential contributors are going to
companies from taking the Linux kernel, the GCC ignore your calls for help. That’s not an insult – it’s just
compiler, the essential GNU C library (Glibc) and that there are tens of thousands of projects out there
other valuable projects and using them in proprietary with good intentions, but not a single line of code. If
operating systems. But the GPL isn’t everyone’s cup of you want people to help you out, you need to show
tea: some developers regard it as too restrictive, and that you’re serious about the project, and that you
prefer the BSD licence. This essentially has the same have the knowledge and commitment to do the bulk
freedoms to share and modify, but permits code to be of the work early on.
used in proprietary software. FreeBSD, for instance, Similarly, another problem that can arise in these
is a BSD-licensed operating system that anyone can very early stages is developer spats. If you don’t
download and modify, but there’s also a closed-source have a basic codebase and roadmap, you could end
version included in the firmware of the PlayStation 4. up with new contributors trying to take the project
To use the GNU GPL, see www.gnu.org/licenses/ in many different directions, causing arguments,
gpl-howto.html. The BSD licence is available at resignations and (potentially) forks. All this before
http://opensource.org/licenses/BSD-2-Clause, you’ve even gotten 0.1 out of the door! It’s happened
and includes clauses to stop you from being sued if before, and it will happen again…
your program doesn’t work properly – so if someone So it’s vitally important to have something to show
uses your code to run a nuclear power station and a the world – even if it’s a very primitive version of the
catastrophic meltdown occurs, it’s not your fault. The app. Try to get to version 0.1 or 0.2 on your own. If
you have some fantastic ideas for a music player, for
instance, but you’ll need extra help implementing the
Getting into a Linux distribution
advanced features, you should at least get the basics
Your software will gain the most exposure Debian has a list of packages called done yourself. Write a simple music player and add
when it gets into the mainstream Linux WNPP (Work-Needing and Prospective
menu items or toolbar buttons for the features you
distributions. There’s no simple way to Packages) at www.debian.org/devel/
achieve this, unless you happen to be a wnpp. From inside Debian, you can use the plan to add later. This shows potential contributors
distro developer yourself and can simply reportbug tool to submit a request for a that you have the knowledge and capability to write
package up your own work, but there are a new package. Enter 5 – RFP (request for an application.
few things you can try. package) for the report type, and then enter Once you’ve made a start, try to define a roadmap,
First, look at some related packages and a description according to the template on
at least for the next two or three releases, but ideally
try to find who maintains them. You might the web page. This is no guarantee that your
see in Arch, for instance, that a certain program will get into Debian, as there are up to version 1.0. This helps developers to see your
person is responsible for packaging up currently 3,400 requests to package up new goals more clearly, and prevents your project from
various music players. Drop him or her a line, programs, but it’s worth a shot. Also, if your languishing in 0.XX versions for many years (like
explaining that you’re working on a similar software finally does get into the Debian Inkscape – a stable, brilliantly useful vector graphics
program, and it would be great to see it in the repositories, it’s likely that it will be picked up
app that’s used by professionals, but somehow
distro one day. by (K/X)Ubuntu and other Debian derivatives.
is still stuck at version number 0.48.2). If some of
34 www.linuxvoice.com
� GET INVOLVED WITH FOSS FEATURE
your feature ideas are awesome but very difficult to
implement, don’t be afraid to push them to version 2.0
on the roadmap, and focus on getting a simpler 1.0
release out of the door.
Finding contributors
Once you have a 0.1 release prepared, you need to tell
the world about it somehow. A good start is to visit
http://freshcode.club, a regularly updated feed of free
software project releases. Click on the Submit button
in the bar towards the top, then enter your project’s
name, website and a short description. You can also
add tags to your project to help users when they
search on the site. Once you’ve filled out the form,
click Submit at the bottom and your entry will be
added to the page.
Freshcode’s feed is picked up by many other
websites, so this is a good first step for spreading
awareness about your project. If you’re working on
a game, you could also submit it to the Linux Game
Database at www.lgdb.org – make sure you have
If your project becomes
some pretty screenshots to get plenty of attention! and line numbers where appropriate. Nobody wants
popular, you may have to
If your first release is already close to being feature- to spend days poring through your code to find the deal with trolls on mailing
complete, you could also submit a link on www.reddit. relevant place; they want to get hacking straight away! lists (like this kid, who tried
com/r/linux, but note that this subreddit is very busy Other forums to post on include www.ubuntuforums. to take over the author’s
and your post could get lost unless your program will org and, of course, our very own at http://forums. MikeOS project and was
be of interest to many people. linuxvoice.com. told to go away).
After this, you can do some more targeted If your project needs some artwork and you’re not
advertising of your project. Try posting an a dab hand with Inkscape or Krita, you can request
announcement about the first release on a help at www.opengameart.org/forums/resource-
popular forum, such as requests. Post a
www.linuxquestions.
org/questions – the
“There’s nothing better than message explaining
what you’re working on,
“General” subforum sipping a coffee/wine/beer that including a link to your
is the best choice in
this case. Make it clear
one of your users has paid for.” web page, and describe
what you need. See
that your program is some of the previous
open source so that your post doesn’t accidentally get posts for examples. You might not get an immediate
marked as spam, and use this as an opportunity to response, but give it a few days and hopefully
recruit new developers. someone will be in touch.
It’s important to be specific about what you want. Finally, contact Linux journalists! Our Ben Everard
Don’t just say “please come and write code for my (ben@linuxvoice.com) writes the FOSSpicks section
app!” Instead, state which features or parts of the of this magazine, which is a great opportunity to
codebase need work, and point people to specific files showcase new projects. Send him a link and if your
program is already usable and potentially of interest to
Linux Voice readers, he’ll consider it for inclusion.
And that’s all the weather
If you bear in mind everything we’ve discussed here,
your project will get off to a healthy start and it won’t
be long before you end up getting contributions from
around the world. As your project grows, you can even
add a ‘donate’ button to your web page – there’s
nothing better than sipping on a particularly nice
coffee/beer/wine that one of your users has paid for.
And above all: good luck, and thank you for
contributing to the world of free software! Even if
it takes time to build up your project, so much in
Once you’ve made your first release, submit it to FOSS started as a hobby project coded in someone’s
http://freshcode.club for all the world to see. bedroom. From tiny acorns, and all that…
www.linuxvoice.com 35
� FEATURE LOWRISC
LOWRISC
Discover a project that’s hoping to get us one step close to a
completely open computer.
I
t doesn’t matter how open or free your software is, circuitry for input and output. The only part of the
the only hardware available today is closed and main system not included on SoCs is the memory.
proprietary. This closed hardware could be used Having a fully open SoC would put us one step
to compromise the freedom of computer use in many closer to a fully open computer, where the user could
ways. Closed hardware can be used to limit what the inspect the source code for any element of it. Having
user runs, the way in which it runs, or what other an open SoC would mean no closed-source blobs to
hardware it runs with. You get it to run. It would mean
also can’t see how closed
hardware works which “Having a fully open SoC the possibility of a
completely libre computing
makes it harder to inspect would put us one step closer environment.
or improve. Until we have
open hardware to go with to a fully open computer.” In hardware terms, the
source code is the design in
open software, we’ll never a hardware description
have truly open computing. One project hoping to language (for example Verilog). This compiles to
change this is LowRISC. hardware designs in a similar way software source
This project is attempting to design and produce an code compiles to machine code. An open chip has to
open system on a chip (SoC) that could be used as have the code for the hardware description language
the heart of a Linux computer. An SoC is like the open so anyone can see it, edit it, and re-distribute it.
motherboard of a traditional computer – it contains The SoC industry is known for its secrecy. Even
the processing core, and much of the associated getting information about how to use particular chips
36 www.linuxvoice.com
� LOWRISC FEATURE
We spoke to LowRISC
co-founder Alex Bradbury
after he gave a talk at
FOSDEM introducing the
project. You can see the
slides from that talk at
https://speakerdeck.com/
asb/lowrisc-the-path-to-
an-open-source-soc.
can mean signing wide-reaching non-disclosure word will have an additional two bits of memory
agreements, so an open alternative here would make associated with it. These two bits can be used to add
it far easier for smaller developers and hobbyists to some context to the word so the processor knows
work with these chips. what should be in it. This is most commonly used to
enhance security. For example, if an attacker
Freedom and features manages to write to memory – such as through a
As well as being open, there are a couple of key buffer overflow – the processor will be able to see
features that make LowRISC stand out. According to what type of content the memory should have, which
Alex Bradbury, co-founder of the LowRISC project: “I will make it harder for the attacker to turn this exploit
guess the notable features that we’re looking at into code execution.
adding are tagged memory support and minion cores. The minion cores are additional processing cores
Tagged memory gives you the ability to annotate that sit on the input/output pins. These can be
memory locations to, say, limit access for security programmed to handle some of the IO activity. For
purposes, and minion cores are very small, simple example, if you need a pin to communicate using a
RISC-V processor.” particular protocol (such as I2C, which Nick Veitch
These two things make the LowRISC SoC different investigated in LV012 and 013), the minion core can
from other offerings – even commercial chips – but handle the low-level aspects of this communication
for very different reasons. Tagged memory is basically without taxing the main CPU.
the ability to mark certain chunks of memory. In the Most SoCs have hardware to handle I2C on a few
LowRISC solution, this will mean that every 64-bit pins, but the advantage of the minion cores is that you
Open hardware
Although open hardware is still a long way behind open the circuitry for the hardware rather than including an Arduino
source software, there are a growing number of projects that as a separate component. This makes it far easier for people
show just how useful it really is. Most of the time though, to go from prototype to product, even if that product is only
open hardware only refers to the layout of the circuit, not the something a hobbyist will produce only once.
actual designs of the chips themselves. For example, Arduino There are some more open solutions. Sticking with the
microcontroller boards are perhaps the poster-children of the microcontroller example, you can use the open source ZPU
open hardware world. By releasing all the designs, it makes it core in an open hardware Papilio FPGA board to create an
far easier to build on them even though the chips themselves almost completely open microcontroller that you can use in
are proprietary. much the same way as an Arduino. (The FPGA in the Papilio is
Although this doesn’t give the user complete freedom, proprietary, it’s just the design loaded onto it that’s open.)
it does have quite a few advantages. For example, with the Having an open, fabricated SoC will be a huge step
Arduino it means that anyone working on a piece of hardware forward in the open hardware movement – and indeed the
with an Arduino at its heart can easily change the project to libre computing movement – however it won’t be a complete
incorporate the required features of the Arduino directly into solution until there’s open memory, and other associated chips.
www.linuxvoice.com 37
� FEATURE LOWRISC
ways. This means you can download different
hardware designs onto the chip and run it. It’s a cheap
way of trying out different designs.
There are some important differences between
LowRISC and OpenRISC. “I suppose the comparison
between first the OpenRISC versus RISC-V, the
difference would be that RISC-V is a clean slate, 64-bit
ready rocket architecture with a very minimal
instruction set whereas OpenRISC perhaps made the
mistake of throwing in too many instructions into their
basic architecture,” says Bradbury. “It’s taken them a
long time to get a 64-bit version and adding atomic
support, that’s just about happening now. I think there
are very friendly people in the OpenRISC community
and most of them kind of see that if they did a clean
64-bit OpenRISC, it would probably look something
like RISC-V. Indeed there is a fair share of lineage.”
Performance
The crunch question for any new computer is what
speed will it run at: “The aim that we discussed for our
You can download code
can use whichever pins you like for whichever protocol first meeting is to run Linux well. This is what we’re
for a RISC-V core (similar
to the one at the heart of you like, rather than the current situation where looking at: dual- or quad-core running at 1–1.5
LowRISC) from the protocols are tied to particular pins (as anyone who’s gigahertz, the exact clock speed will depend on if the
riscv.org website. used the Raspberry Pi GPIO pins will know). production process ends up at 40 nanometers or 20
In many ways, the situation with minion cores is a nanometers.” The process size refers to the smallest
little like having Arduino imprints that can be made on
microcontrollers sitting
between the CPU and the
“Already open source the silicon. The smaller
process would mean a faster
IO pins. For anyone contributors are making key chip.
building custom hardware,
this could be very useful.
additions to the project.” Running Linux “well” is a
– perhaps intentionally –
Although LowRISC is vague target. For many users,
trying to make a fully open SoC, it won’t be able to the limiting factor of the first LowRISC SoC will be the
completely avoid proprietary code from the first lack of a GPU. This means it will struggle with most
version. Alex Bradbury told us: “As for all this open desktop uses. However, there are still plenty of
source stuff, there are a whole bunch of lines that you applications where this isn’t such a problem: “There
can choose to draw. The lowest aim is for everything are a number of people who are particularly interested
that you would implement in a hardware description
language (like Verilog) to be fully open – so all the
Genesis How the project got started
digital logic is fully open. [However,] it might be that in
the initial case, we need to take on some closed Although LowRISC will be producing and selling silicon
source intellectual property for some IO controllers, chips, the aim behind the project is to make open hardware,
because often the physical interface is very tightly not money. The organisation is registered as a community
interest (i.e. not-for-profit) company.
integrated and tightly tied to the controller. It might Alex Bradbury says: “We started around last summer
just be too much engineering work for the first chip.” when [Dreamworks’] Gavin Ferris got in touch with Rob
While we do feel that it’s a bit of a shame that the Mullins [of Cambridge University] and myself. We started
initial SoC won’t be completely open, we understand discussing what we could do to make open source
the need to be pragmatic when bringing something as hardware happen, what the opportunities were. So we
started looking around to see what was going on in that
complicated as an SoC to market. Since the RAM will space. There are existing things like the OpenRISC project,
be in a separate chip, this closed source code will just which has its own open source architecture. We found
be dealing with the interaction with that memory. This Krste [Asanović]’s team at Berkeley, who Rob has worked
is something, Bradbury explained, that the team with before, and that very fortunately, the chips with RISC-V
would like to open in future revisions. work and have this RISC-V Rocket core.”
Gavin, Rob and Alex form the main part of the team, but
LowRISC isn’t the only project trying to create open there is also a technical advisory board made up of some
source SoCs. OpenRISC has been around a lot longer key people in the open hardware world including Julius
and has several designs that can be implemented on Baxter from OpenRISC and Bunnie Huang, open hardware
Field Programmable Gate Arrays (FPGAs). These are advocate and hacker extraordinaire who crowdfunded an
chips that contain lots of logic circuits and a open hardware laptop –
www.bunniestudios.com/blog/?p=3657.
mechanism to connect these circuits in different
38 www.linuxvoice.com
� LOWRISC FEATURE
in security-type applications [because of tagged
memory]. Given that we ship without a GPU, an
obvious use case would be a router. Right now it is a
real problem that you buy your off the shelf hardware
and it is running some firmware that you can not
change that was written six months ago already has a
local root vulnerability you cannot patch around.”
Obviously routers are not the only hardware that
doesn’t need graphics but that does need good
security, so we expect to see a lot of projects pop up
once the hardware is available.
Community
If this sort of thing sounds interesting to you, then
the LowRISC team are keen to find people to help
out: “We’re very welcome to contributors, we want
people to get involved,” says Bradbury. “Right now, as
with many open source projects, the documentation
isn’t quite where we want it to be. But in the future, if Although the projects have
somebody here is interested in learning more about Bradbury continues: “We started seeing more different goals, LowRISC
shares some heritage
hardware design and about how you can apply some design discussions go on the normal mailing list
with the Raspberry Pi
skills that you might already have in software to the about how things such as the link between the Foundation.
hardware world, then we want to be the source of that. application cores and the minion cores should work.”
There are all sorts of levels you can get involved, from The biggest difference between an open hardware
people who have some basic software knowledge project and an open source software project is that it’s
and want to work on software reporting to people who effectively free to compile software, while it can be
want to work on documentation.” very expensive to make new hardware. Alex told us
This isn’t just an abstract hope for the future. how LowRISC has overcome this hurdle: “We are very
Already open source contributors are making key lucky to have some initial funding from a private
additions to the project: “One of the pleasing things backer, which is about enough to get us off the ground
that we found was that when we first announced and have some people working on it through to the
what we are doing with the project – which was initial test. We have access to loans… and we’re also
sometime last year – it coincided with some press applying for more traditional research funding and for
from the Berkeley team [who are creating the RISC-V the research aspects of the chip.”
core]. We were a little bit apprehensive about doing
that because we did not have an FPGA thing ready. The start of something big
We thought we should wait a bit longer, but what we “When it comes to producing the final board, we may
found is that we have been able to move at a much well end up doing a crowdfunding campaign if that
faster rate than we would have done otherwise due to seems a sensible way to go, but we decided it is not
people contacting us and offering their help to bring in something we want to do until we are basically almost
some ideas. Right now there are a number of people there and it’s just the case of needing the money.
who have been very helpful in terms of making Right now there are too many unknowns and people
suggestions about design decisions.” wouldn’t know exactly what they were buying, so I do
not think it would be quite right to start at this stage.”
With the money in place, the LowRISC team hope to
have something for us soon. The initial test run of
chips should run toward the end of 2015 or at the
start of 2016. This won’t be a full-scale production run,
but will produce enough for there to be some available
for people in the community to start developing
software ahead of a main run later. You don’t have to
wait until then to start playing with LowRISC though.
The team are putting together a version that you can
load onto an FPGA board: “If you go to the RISC-V
website you can download Rocket Core, which will run
on a Zynq FPGA . We have an FPGA-ready version
The Novena open hardware laptop, created by LowRISC with tagged memory, and then some time this
advisor Andrew ‘Bunnie’ Huang, raised over three quarters summer some of the minion cores as well.”
of a million dollars (three times the goal) in 2014, showing You can stay up to date with the project, or get
just how much desire there is for open hardware. involved with the development, at www.lowrisc.org.
www.linuxvoice.com 39
�4O
�41
� FAQ HTTP/2
HTTP/2
Graham Morrison reviews the sequel to the most common acronym on the internet.
all kinds of online content. Many, such implementation of HTTP would have
GRAHAM MORRISON as the Gopher protocol, can still be only a single command, GET, which
added via plugins, but these days it’s all would request an HTML file from a
about the web, and that means HTTP. server. That HTML was nearly always a
Haven’t we seen the acronym static file formatted with the correct
HTTP before? What do the letters HTTP markup. Markup refers to the elements
You’ve probably seen those four represent? within an HTML file that tell the browser
humble letters so many times What we’ve been calling how to format the text, such as
that you’ve become completely ‘resources’ are actually protocols <h1>heading</h1>, for a title or a
desensitised to their appearance. It’s that grab stuff. A protocol is a definition heading. There are many elements and
the modern fashion to remove them of how those resources should be rules and we’ve all created files like this
from URLs because they’re everywhere, formatted and transferred. The ‘P’ of at one time or another.
but they do perform a vital function. HTTP is ‘protocol’, while the HTT bit is Back at the dawn of the web,
These are the letters that tell your web Hypertext Transfer. everything was made up of static sites
browser what type of resource is at the like this, simply delivering a formatted
end of that link, and for the vast Hypertext? From the early text document to your browser. But as
majority of connections, the resource at 90s? the web has evolved, HTML has
the end of that link is a web page. Yes, the very same. It’s a word become dynamic, created by whatever
that’s fallen out of fashion, but its is running on the web server and code
You mean there are other meaning is fundamental to how the running in your browser. WordPress, for
kinds of resources? world wide web works. The hype in example, will take the posts you insert
Yes, but not so many any more. hypertext is derived from the original into a database, blend them with your
At least not ones that a web Greek meaning of ‘over’, or ‘beyond’. Or themes and comments, and deliver the
browser knows how to deal with. Web within a text file, it’s the link to another final output to someone’s web browser,
browsers used to be able to interpret all resource ‘beyond’ the limits of the whether that’s a phone or a laptop. Tim
kinds of different resources. FTP is still current file or location. This linking is Berners-Lee is credited as the first to
common, for instance and so is ‘mailto’. what makes the world wide web the implement HTTP and HTML and made
In the mid 90s there used to be more as world wide web. The Hypertext Markup the first transfer back in 1991.
the browser was designed to aggregate Language (HTML) is the syntax and
formalisation of that linking with the Is that how browser games
text that surrounds it. work?
“HTTP/2.0 does lots of So HTTP is the protocol used
Not usually. Most of these are
written in JavaScript, a scripting
sensible things designed to to send HTML? language that’s sent as part of a page
improve transfer speed.” Fundamentally, yes. At least in
the beginning. The simplest
and executed within your browser, but
there are lots of other similar
42 www.linuxvoice.com
� HTTP/2 FAQ
technologies. They can even be sent
through a connection after the original
request as part of the same session.
Allowing a single session like this was
one of the new features for HTTP/1.1.
How does all this fit into what
the internet is?
It’s easy to get into a technical
discussion about this, and in
particular, take a deep dive into network
layers. Briefly, HTTP operates at the top
in a layer known as the ‘application
layer’. Your web browser asks for a
page and the server at the other end
replies by sending it. It shares this
space with many other protocols –
IMAP for email, or SSH for a remote
shell, for example.
Even if you have no formal computing There’s an add-on for Firefox that will show you when you’re using an HTTP/2 or a SPDY
knowledge, these protocols will be connection (it’s the tiny green symbol in the location field).
familiar precisely because they’re in the
Application Layer, the layer closest to text-based, but use binary instead, for HTTP/2 is based on a technology
the user. If you look at the IRC protocol, example. It will be the same content, originally developed by Google, called
for instance, you’ll see that it’s very encoded for efficiency. HTTP/2 uses SPDY. SPDY modifies the HTTP
simply constructed. Communication is gzip or DEFLATE compression and transfer in similar ways, only hidden
really just a series of text messages that multiplexes transfers within a single behind compatible clients and servers.
you can recreate manually using connection. TLS security, which you Google was well placed to deliver a
something like Telnet. You don’t have to currently use with HTTPS connections specification like this, considering the
worry about how your messages are to your bank, are also an intrinsic part of free bandwidth upgrade it would receive
encoded, or how they get from your this 2.0 specification, making HTTP from any efficiencies, and SPDY had
machine to the server. This is handled connections implicitly secure. already been adopted by all the main
by the layers beneath: Transport (TCP), browsers as an addendum to the old
Internet (IP) and link (Ethernet). Are there any other specification. Google is now going to
advantages? withdraw SPDY from its own products
If all HTTP is doing is enabling Lots! It’s a free upgrade in that to help get HTTP/2 adopted as quickly
a client to ask for data from a the new version won’t require you as possible.
server, why does it need upgrading? to change anything, or for developers to
The HTTP that most of us use is change their APIs. The new version will Do I need to change my
version 1.1. This has been around just work. As fewer connections are browser to use this?
since 1999, when Google had just eight needed, the load on your server will also Firefox has HTTP/2 enabled from
employees and was moving from its be less. There’s more intelligent cache version 36 onward, and Chrome
garage office to its first real office. Just control, and the server can push data it supports HTTP/2 but it isn’t enabled by
as 1.1 added features that were thinks the client will need without being default. The version of Internet Explorer
becoming necessary as the web grew asked, which should improve response bundled with the latest Windows 10
in importance, so too does HTTP/2.0. times. Plus, encryption becomes a beta also support the standard. Each of
It’s remarkable that the old version has first-class citizen. these browsers only supports the
lasted this long, considering what’s encrypted (TLS) version of the protocol.
happened in the intervening 16 years. Has Tim Berners-Lee had a Safari supports SPDY and is likely to
hand in this upgrade? adopt the changes necessary to add
But what does the new version Not specifically. HTTP/2 was HTTP/2 support, so there should be
do that’s so important? approved in the middle of good cross-platform adoption.
Put simply, speed. We now know February 2015 by the Internet
so much more about how we use Engineering Steering Group. HTTP is so Where can I find out more?
the web and what the user and the web fundamental that no decisions are ever
designer are trying to achieve. made quickly, and decisions like this are The implementation lives on
HTTP/2.0 does lots of sensible things only made after a long and peer- GitHub: https://http2.github.io,
designed to improve transfer speed and reviewed appraisal process. For but you can find clearer information on
efficiency between the client and the HTTP/2, that means 200 design issues, the HTTP Working Group’s own web
server. HTTP is no longer going to be 17 drafts and 30 implementations. portal: https://httpwg.github.io.
www.linuxvoice.com 43
� INTERVIEW EBEN UPTON
A MAN WITH HIS
FINGERS IN MANY
MILLIONS OF PIES
Graham Morrison and Ben Everard meet the man
responsible for more ‘pie’ puns than anyone else
in the world – Eben Upton.
A
t the time of writing, over five Eben Upton has been there from the
million Raspberry Pis have beginning. He’s the founder and the
been sold. That’s the same as CEO of the Raspberry Pi Foundation,
the number of ZX Spectrums sold in and he’s still shaping every aspect of
the 80s. And like the Spectrum, the Pi the Raspberry Pi, from its hardware
is likely to have a far-reaching legacy, to the software. We met Eben shortly
helping the next generation of games before the launch of the model 2. He
designers and computer scientists told us about the effort they’ve put
find their feet. into making the Pi better and how a
Countless numbers of people chance conversation with the boss of
have helped make this happen, but Google shaped the Pi’s future.
When did you start work on the How do you anticipate demand
recently launched Model 2? for the Model 2?
Eben Upton: When we launched the EU: Today is 20 January (the model 2 “The Raspberry Pi is still
B+, we already had Pi 2 silicon – this
was the start of May last year (2014).
went on sale 14 days later), there are
10–20,000 in existence today. Sony will
the best platform out there,
And so the last bits of B+ design were be building 20,000 a day at the end of and we’re making it better.”
done in the knowledge of the pin out on the month, so there will be between
the [Broadcom] BCM2836 [the 100 and 200 thousand on 2 February.
quad-core ARMv7 CPU on the
Raspberry Pi 2]. It was designed so that, That will be in the past by the prototyping other products. That
probably, we’d be able to squeeze Pi 2 time this comes out, so you happens a lot. Then the rest, it’s a split
into the same footprint. can say, “It’s gone brilliantly!” between the hobbyists and education.
EU: It’s gone brilliantly! Nothing went It’s pretty close, I think, to a third, a third
Was that part of the motivation wrong. Everything’s great and everyone and a third: industrial, hobbyist then
behind the B+ redesign? was very happy [much laughter]. We’ll education. You’ve got people who are
EU: Not really. It was something we’d see. I think people will be excited. buying them for themselves, to use as
always wanted to do. We’ve had sequential best months their own media centre, in the hobbyist
over the last few months. All of our last sector, and then you’ve got the
With only a nine months gap three months have been in the top five industrial sector who are buying and
for sales of the then new B+? months we’ve ever had, in terms of integrating them in a sense and selling
EU: Yeah. B+ was a bit late. We wanted volume. It feels like we’re going out on a them to people.
to do the rev. 3, which became B+. high. It’s still a great platform. It’s still
Ideally, it would have been good to do the best out there and we’re just Has there been much traction
that six months to a year earlier than making it better. with the Compute module?
we did, but we just didn’t have any EU: We’ve sold a lot of dev kits but not
engineering time, partly because we Do you have any indication of a lot of Compute modules, which is
were involved in some silicon work for where those 200,000 will go? probably what we expected. I think the
BCM2836. We had limited resources EU: Less than you’d think really. We designing cycles proved to be longer
and they didn’t quite stack up in order to know that maybe a third are going to than we were expecting, so we haven’t
get B+ out. Any less time on the market industrial customers now – these kind had any volume Compute module
may have been a bit embarrassing, but of big batches that fall into a hole and customers. With the exception of a few
B+ has had a solid six and a half disappear. People are using them as things like Slice (a media player using
months, which is alright. industrial controllers, people are the Compute module), where we’ve had
44 www.linuxvoice.com
� EBEN UPTON INTERVIEW
on using Raspbian instead of upstream
moving to regular ARM Debian. We’re
going to benchmark it and find out.
What I suspect we’ll find is there’ll be a
few libraries that pose big performance
improvements, and we’ll swap those
out dynamically.
Is that for the original Pi as
well? We’re assuming the video
decoding stuff in the original Pi was
more suitable for a set-top box or
something you’d put under a TV,
whereas ARM since then has been
used in so many smartphones.
EU: The SoC has been used in mobiles,
set-top boxes and obviously Raspberry
Pi, so it’s a versatile little beastie.
Have you been as involved in
the Raspberry Pi 2 design as
the original?
EU: Yeah. The hardware design for this
was done by James Adams, who’s our
designer. He designed the B+ and the
A+. The design for the original hardware
was done by Pete Lomas. So it’s been
good to be involved, good fun.
Is this the kind of release
cadence we can expect to see
from the Foundation in future?
EU: What, three years? Let’s see, where
does that take us to? 2018. Yes, I do
think we’ll probably want something
else by 2018. Yeah, I think that’s about
a few thousand. But we haven’t seen And the model 2 still has the right. That gives us three years at $35.
those 100,000 orders yet. I think it just Ethernet connection going That’s the lovely thing about this - it
takes a while to design anything and through the USB? gets us into the PC world. It gets us into
you could only buy those in June 2014. EU: We’ve taken the long road to get the entry level PC. It’s the kind of device
here. People have been shouting at us you could give to your gran. We have
“I do word processing on my for two years “Why don’t you go get one
of those ARMv7 (non-Broadcom) chips
people here that are using them as their
second machine at home.
BBC Micro on my desk… I hit you can get for £5 in China?” The
the button and it’s on.”
reason is that I’m not a great fan of Are there any new use cases
them. And also it would just break that you think the Pi 2 will fit
compatibility with the Pi, and it wouldn’t into with the extra power?
When you say you think it’s be a Raspberry Pi: it would be another EU: The desktop is a good use case,
about one third education, is computer, with a Raspberry Pi logo on. running multi-threaded apps.
that almost exclusively UK? We’ve taken this long road of getting an
EU: No, we’ve got a lot of stuff in North SoC which has better ARM You said this Pi 2 has been in
America, quite a lot of stuff in Germany. performance but is otherwise identical development for two years. At
The UK is leading the way – we are the to any Pi device, in order the bring the what point during Pi 1 development
first large-population country to have a community with us. So we avoid ending did you realise you needed to start
decent computing curriculum (Estonia up either supporting two platforms or, designing Pi 2?
beat us). But a lot of the sales aren’t more likely given the number of people EU: It was about six months in that we
curriculum for the class – parents buy we have, ditching support for the old became aware. We sort of stumbled on
them for their kids, clubs buying them, platform. So we are going to keep this thing, so towards the end of 2012
grandparents, that sort of thing. supporting Raspberry Pi 1 for at least a we were like, “OK, how do we get a
couple of years. And we’re likely to keep platform going now?”
www.linuxvoice.com 45
� INTERVIEW EBEN UPTON
Or what the environment might you’re not going to question really. You them. They were not in stock – you had
be like in two years time? kind of think, this guy obviously knows to wait for the next delivery, or for the
EU: Yeah, or what will be relevant to us, what he’s doing, he’s got the biggest next batch of 1,000 units to be made.
what sort of price trajectories of the brain on the planet. I went back to the You can build a business around
components would be and seeing what office and cancelled everything. Every [Raspberry Pi] because you can depend
we could fit in – quite early on. I had a investigation we had into a higher on them existing – like with the Model
really good conversation with Eric performance, incompatible, more B, we still build Model Bs – these guys
Schmidt [executive chairman of Google] expensive device. have sold tens of thousands, probably,
in January – so, exactly two years ago. So the two outcomes of that one we’ve built new (old) Model Bs after the
We’d had all these ideas about doing a conversation are this thing [Eben picks launch of the new Model B+, not just
more expensive model, because there up the Raspberry Pi 2] and the A+. A+ is selling our old stock, but building tens
were lots of small board computers the ‘can we make it cheaper’, ’can we of thousands of Model Bs to supply
that cost around $50, $60, $70, right? sacrifice anything’, though of course industrial customers who built a
We were really starting to see things we’re not really sacrificing anything. I business around the Model B and they
at $60–70, because now there was a think without that conversation, the A+ haven’t been able to transition to the B+
profusion of $50–70 machines, and I might have been a $25 machine with yet. And I think the same thing may
think we can take credit for catalysing half a gig of RAM. We might have happen with the B+ – we’ve sold a
that development. We were thinking we ended up there instead. So the sacrifice couple of hundred thousand B+s.
could do something really great at $60 in some sense is a bit more RAM – that
and I happened to mention it to Eric. He was one outcome of that conversation. Despite Moore’s law, our
said, “So what are you going to do The other was the Pi v2, and they both computers don’t feel any faster
next?” I told Eric we’d been looking at took about two years. than they did 20 years ago. Even an
making a more expensive model. old Raspberry Pi has millions of
Eric said “Don’t be an idiot!” or words Has it surprised you that no cycles per second to use.
to that effect. “That’s completely insane one has come along and tried
“We’ve got a shopping list for
– see if you can make a free computer.” to create something cheaper?
Because obviously I’m patting myself EU: Yeah, it is surprising, I think. It’s
on the back, thinking, “Yeah, you know, I surprising to me but it is tough to do.
ARM7. We know what attention
to detail actually looks like.”
made this $25 computer - then he It’s difficult and it’s hard to do at scale. I
resoundingly refused to pat me on the think you can make these things for
back and slagged me off for it being too this sort of price – and you’ve seen one
expensive.” or two people manage while making EU: It’s got a lot to do with Parkinson’s
sacrifices, often using a less good SoC. law too – work expands to the time
Did you understand what he But Sony will be building 20,000 units a available. So this is kind of the CPU
said instantly? day, at peak, of the Model 2, and it’s version of Parkinson’s law. One of the
EU: Yes. I went back to the office and I really hard to do that. things we’ve done with the Pi is refuse
cancelled every investigation into a So it’s that combination of cheapness to accept that 700 million cycles-per-
faster machine. That afternoon. and availability. There have always been second in the processor is slow. I just
Because it was the right thing to do and small working computers. But often won’t accept it. And people kept saying,
as soon as someone says it to you, they weren’t available. They were a “It’s such a slow processor.” and I’m
particularly someone like that who lovely idea but you just couldn’t buy saying “It can do 700 million things a
second! Your high-definition screen has
only got two million pixels. You can do
350 things to each pixel on your screen
every second. How is that slow?” I don’t
believe it, and [the Pi] has even got
vector operations, and the FP [floating
point processor] has even got
multimedia accelerations, MMX-like
operations. So I just refuse to believe
that they’re slow.
We’ve spent so much money on open
source software. We’ve spent so much
money on the WebKit browser engine
and Libav [for multimedia playback] and
Squeak [an open implementation of the
The Raspbery Pi isn’t just about
Smalltalk programming language] and
the hardware – the chap on the
PyPi [the Python Package Index] and
right here is Ben Nuttall, part of the
Foundation’s education team. KICAD [software for designing electronic
circuits], LibreOffice, even. You look at
46 www.linuxvoice.com
� EBEN UPTON INTERVIEW
By the time you read this the
Pi’s sales figures will probably
be some way in excess of the
five million milestone.
these packages and you think well, I So what we’ve done with Pi 1, we’ve the Pi and running an old image – go
just refuse to believe that this should be gone through everything. We’ve found and run an image from March 2012. It’s
slow. And you go through and you find out why it’s slow. We found out why the amazing, the performance difference.
out why. This is the thing no one ever web browser was slow. And then we It’s amazing how much of a difference
does. Everyone has just been went through and we laboriously turned non-optimised memory copy makes.
mesmerised. You could just sit on your on features, because actually WebKit
arse and in two years time, everything has got lots of great features, because And you don’t have to abandon
will be twice as fast, and that’s coming it will run on mobile phones, but none of all that optimisation work with
to an end. So we’re kind of like the those features are turned on in any of the new model?
future. This increase in performance is the desktop versions. So we went EU: You don’t abandon that. We would
not available to us any more. through and we turned all of those on, have had to abandon it if we’d moved to
plumbed in the video accelerators. We a different SoC. So you’ve got that
But also, it hasn’t succeeded. just did that work. factor of two in the attention to detail.
Our desktops and our laptops You’ve got WebKit and Cairo; we went Some of that stuff will be ARMv6
are still slow. through and we found every pixmap specific, so we’ve got to go back and do
EU: I’ve got a BBC Micro on my desk call they made and then we made sure that for ARMv7, so there is more work
because I do word processing on my they used the fastpath mode and made to do, but the nice thing having done it
BBC Micro. I hit the button and it’s on. If sure that all of them hit fastpaths rather with ARMv6 is that we’ve now got a
I set the jumpers right I can even than the generic and very slow CPU shopping list.
configure it to boot into a word compositor format. Same with Libav We know what attention to detail
processor in one second. Obviously – all your codecs and transport actually looks like – it looks like writing
we’ve gained a lot. But from a strict streams, remapped. all of these functions and we’ll just go
usability point of view it’s really We’ve put two man years into Squeak back and say, for each of those
surprising how much everything hasn’t and Scratch. Two man years on Pixman functions is there already an ARMv7
got any better. and Libav. Four man years on the web version? If there’s already an ARMv7
It’s one of the reasons why I like to browser. version, do we like it? If we don’t like it
ship RiscOS, because although RiscOS let’s rewrite it. If there isn’t one, can we
isn’t a modern operating system and it That’s a huge amount of effort use the ARMv6 function that we
lacks lots of things, it does show you to put in when you could have already wrote? If we can’t use it, then
what you get if you took an OS from the just doubled the CPU speed! use the ARMv7 version. We now have a
mid-90s and don’t add any crap to it in EU: Absolutely! There’s a factor of two shopping list, a kind of handle-turning
the form of features people don’t need. improvement from all the optimisations exercise that will make this platform
And the answer is blindingly fast. we’ve made. It’s worth going back on better over the next six months.
www.linuxvoice.com 47
� LISTEN TO THE PODCAST
WWW.LINUXVOICE.COM
BUY MUGS AND T-SHIRTS!
shop.linuxvoice.com
� INTRO REVIEWS
REVIEWS
The latest software and hardware for your Linux box, reviewed
and rated by the most experienced writers in the business
On test this issue...
50 52
Andrew Gregory
Cat eggs in the flower patch? Time to build the
anti-feline garden intrusion detector.
E
lementary OS got itself in a bit of
pickle earlier this year by asking Xfce 4.12 VLC 2.2
its users for money. Except, it Good-looking, lean, fast, full of useful Ben Everard explores every last corner of
didn’t. There’s nothing wrong with features and refreshingly old-fashioned, the epic VLC media player, an application
soliciting donations, selling products or Mike Saunders is the perfect man to test that can open just about any video
services or raising cash via the world of the latest Xfce desktop. format ever created.
crowdfunding, as the Krita editor has
done to stunning effect (see page 53 for
more on why we’ve fallen in love with it). 53 54 55
No, Elementary got itself into a pickle
with the Gerald Ratner-esque assertion
that users who download its Ubuntu-
spinoff distribution are “cheating the
system” when they download the
distribution without paying for it.
Never mind that Elementary is a
Krita 2.9 Inkscape 0.91 IPython 3.0
spinoff from Ubuntu (which itself is Native CMYK support, a Don’t let the lowly version This interactive
derived from Debian), which is doing modern interface and a load number fool you – this programming environment
very well for itself without feeling the of new tools make Krita vector graphics tool is one provides a whole lot of fun
need to insult its users. Never mind the Graham Morrison’s of the best on any platform, for the mathematically
silly language. The fact is that, if there favourite image editor. says Graham Morrison. minded Ben Everard.
were an up-front price tag on
Elementary OS, it would lose almost all
of its users. BOOKS AND GROUP TEST
In a world where there are so many
Now that the internet of things is upon us, and many
almost perfect substitutes for
households will have several devices at home that
Elementary (Xubuntu, Lubuntu, Debian, can all attach to the internet, it makes sense to have
Mageia et al), all free of charge, any one place to store media in the house that all these
other desktop distro will have a hard devices can access, rather than having them
time convincing anyone to pay for it. scattered piecemeal on several devices. That’s the
whole point of a NAS box (Network Attached
Charge for something else – upgrades,
Storage); there are many ways to run a NAS
codecs, early access to features – but depending on your needs, and our Group Test this
expecting people to pay for what they issue is dedicated to helping you find the best one
can for free elsewhere is silly. for you. Also – there’s a new book by Bruce Schneier!
andrew@linuxvoice.com
www.linuxvoice.com 49
� REVIEWS DESKTOP ENVIRONMENT
Xfce 4.12
It has taken almost three years, but a shiny new version of this GTK-based
desktop is here. Mike Saunders investigates.
X
fce’s position in the Linux desktop ecosystem the whole desktop from source by following the
DATA has changed considerably in recent years. At instructions at http://docs.xfce.org/xfce/building.
Web
one time it was widely regarded as a It’s a good idea to remove any previous installations
www.xfce.org lightweight alternative to Gnome, but when that beforehand if you elect to do this.
Developer desktop had a massive (and controversial) redesign in
Xfce team Gnome 3, Xfce became the “classic” alternative, New features
Licence providing a traditional environment that didn’t shake So, what’s new in this release? From a cosmetic
GPL, LGPL and BSD
licences
everything up with redefined paradigms and standpoint, one of the biggest improvements is
“enhanced user experience” shenanigans. Xfce was rudimentary HiDPI support. If you’re unfamiliar
the go-to desktop for people who primarily used with the term, HiDPI refers to very high resolution
GTK-based applications but just couldn’t get on with displays – such as those used on the MacBook Pro
Gnome 3. “retina” models, the Chromebook Pixel, and various
But then Mate arrived, providing a continuation of other recent laptops. The Linux desktop is very much
the Gnome 2.x codebase and its more conservative a mixed bag when it comes to HiDPI, with some
interface, leaving Xfce as “that other desktop”. Yet applications looking fantastic, some looking rubbish,
Xfce has been able to fill an important role: it’s halfway and most falling somewhere in between. Gnome and
between a simple window manager and a fully- KDE have a chunk of work on HiDPI, and now Xfce
fledged desktop environment, providing a consistent has made a start by including a couple of window
set of tools and configuration utilities, without decorations that work better on those displays. It
expecting developers to write applications against doesn’t magically make everything better, and you’ll
its libraries (as in KDE and Gnome). Xfce 4.12 has still have problems with tiny (or blocky) icons in
been a long time coming – nearly three years – and places, but progress is being made.
promises to fix some of the major quibbles present in
previous releases. Switchy switchy
All being well, Xfce 4.12 will make it into the next Meanwhile, Alt+Tab switching has been greatly
round of distribution releases, including Xubuntu improved. If you enable the Xfwm Compositor (Menu >
15.04. If you’re desperate, you should be able to get it Settings > Window Manager Tweaks > Compositor),
Xfce 4.12 doesn’t look
via a rolling-release distro such as Arch; we installed you’ll see that there’s an option for ‘Show Window
radically different to
previous releases, but it it from Arch’s Testing repository, but it will probably Preview In Place Of Icons When Cycling’. This
has new HiDPI window have migrated into the main repositories by the time generates thumbnails of windows when switching
decorations and you read this. If you’re feeling especially ambitious and with Alt+Tab, which is tremendously useful if you have
compositor improvements. have a bit of time on your hands, you could try building multiple windows open from the same application. If
you prefer a vertical list view, that’s also now provided
under the Cycling tab (see ‘Cycle Through Windows In
A List’).
One notable feature missing from previous Xfce
releases was workspace-specific backgrounds. This
has been a common request among Xfce users,
and helps if you split your workspaces into different
categories. For instance, if you have one workspace
devoted to work, another to your personal stuff, and
a third to something else, it can often help to have
different wallpapers for each one, to really distinguish
between them. So now, in the Desktop Settings tool,
there’s an ‘Apply To All Workspaces’ checkbox –
untick that and drag the tool to a different workspace
to set its own specific background.
Similarly, if you work with a multi-monitor setup,
you’ll be chuffed to discover that choosing a layout
is now quicker and easier than before. When you
plug in an extra display, a box pops up asking which
layout you want (eg mirroring the current display, or
extending it to the right). You can then fine-tune the
50 www.linuxvoice.com
� DESKTOP ENVIRONMENT REVIEWS
specifics in the usual Display configuration tool. The
Appearance tool has also been updated, now showing
previews of colour schemes and icon themes.
Another popular request from Xfce fans has been
intelligent panel hiding. Up until now, there have been
two options in the desktop: show panels permanently,
or hide almost all of them except for a tiny sliver.
When you mouse over that sliver, the panel pops up.
Xfce 4.12 introduces an intelligent panel mode: panels
are visible all the time, unless you drag a window over
them, in which case they disappear. Move the window
away and the panel pops back up. It’s only a small
touch, but useful if you don’t have much screen space
to play with.
Power management has seen major improvements,
with a redesigned power settings dialog and a new
panel plugin which lets you change screen brightness
with a single click. (Note: if you’re been running a
recent Xubuntu release, you may have seen these
improvements already, as Xubuntu has included some
features from development snapshots of Xfce.) If you
use the Light-locker screensaver program, you can
Good news for laptop users: the power configuration has been revamped, separating
also configure it from inside the power settings dialog.
button and lid actions from overall system behaviour.
It all feels much more cohesive than in previous
releases, and brings Xfce up on a par with KDE and
Gnome on laptops. yes – absolutely, unequivocally yes. Sometimes
we’re reluctant to recommend major upgrades when
Hover hand software is very fresh and bugs have yet to be found,
Many of the tools and utilities bundled with Xfce have but Xfce 4.12 has been in development for years, and
received updates. The Thunar file manager, for many of its components have already received plenty
instance, now supports tabs, so it’s possible to have of testing in recent Xubuntu releases. We found it
multiple filesystem locations open without having to to be rock-solid, with no noticeable regressions, and
juggle several windows. During drag-and-drop wholeheartedly recommend the upgrade. Xfce still
operations, you can hover the cursor over a tab and its doesn’t have all the bells and whistles of KDE, but for
contents will be displayed users who want something
– a neat little touch. lighter on the RAM banks, it
Another useful addition is “Is it worth upgrading to provides all you need.
the ability to select multiple
items in Thunar and bring
Xfce 4.12? Yes – absolutely, There’s also something
else important to point out
up a single properties unequivocally yes .” about Xfce. On the project’s
dialog, showing a total size website, the developers
of all the files and directories. make it clear that most of the screenshots were taken
One of the long-term goals of the Xfce team is to on OpenBSD, highlighting that the desktop is not tied
port the desktop environment to GTK 3. This is a big to a particular operating system. As Gnome and KDE
job, but will bring many benefits such as proper HiDPI make moves to become more dependent on Systemd,
support across the whole desktop. The bulk of Xfce and thereby potentially limiting themselves to Linux in
4.12 is still based on GTK 2, but some utilities have the long run, Xfce’s platform independence could be
made the switch, such as the Mousepad text editor a major winning point for users who want the same
and Parole media player. The latter program can now interface across Linux, the *BSD flavours, and even
support multiple video back-ends and nifty controls other variants of Unix. We’re not slamming Systemd
that slide over and disappear after a timeout here – it brings several benefits to the table – but Xfce
Finally, the Xfce Task Manager has seen a bunch could turn out to be the most portable desktop of all.
of improvements, with a better tree-like view of And that, for many users, is a big deal.
processes, the ability to filter by name, and a port to
GTK 3. In the coming months, we can expect more of
LINUX VOICE VERDICT
Xfce’s bundled programs to be spruced up and ported
Fast, light, attractive, customisable and
to the newer toolkit, even if it takes longer for the portable – the new features in version
desktop as a whole to make the switch. 4.12 bring Xfce close to perfection.
So, bearing in mind all these changes, is it worth
upgrading if you’re happy with Xfce 4.10? We’d say
www.linuxvoice.com 51
� REVIEWS VLC 2.2
VLC 2.2
Ben Everard has a library of several thousand high-definition cat videos. He just
needs a media player that can do them justice.
T
o play a video at 30FPS on a fairly modest
DATA 1080p screen requires changing over 62
Web
million pixels each second. If that sounds a lot
VideoLAN Organisation for a PC, consider that it can be done on a low-power
Developer ARM chip in a smartphone. Playing video smoothly is
www.videolan.org something that we take for granted, but takes a
Licence staggering amount of computing power to perform
GPL and LGPL
because the pixels don’t just have to be changed: the
new values are calculated based on previous values,
movements and spatial frequencies. It’s only possible
to play videos because we have highly optimised
software to encode and decode videos (known as
codecs), and these are designed to take maximum VLC is the most downloaded piece of software from
advantage of special video hardware in the computer. SourceForge, with almost 900 million downloads.
Before VLC became popular, playing video on a
computer usually involved manually finding and embedded world. There are now releases for Android
installing the appropriate codecs – provided they (and Android TV), Windows Phone, WinRT and iOS.
could run on your hardware. VLC was the first piece of Not all the mobile versions are yet considered stable,
video playing software that ‘just-worked’ with almost but this release brought the first stable version of VLC
every video standard, and it made watching video on For Android, which comes with a redesigned interface
computers easy. that should fit in better with other Android apps. If
The biggest improvement in this area in the new you’re installing on Android, make sure you get the
release is the improved support of two new, high- VLC For Android (without the word Beta in the title) app
efficiency codecs: VP9 and HEVC (also known as by Videolabs, as there are a few others that use the
H.265). Both of these offer significant filesize savings same traffic cone icon.
over older codecs. VLC has brought this ‘just-works’
approach to other platforms. As well as supporting Improved performance
just about every desktop OS currently developed For low-power devices such as the Raspberry Pi, this
(including some unusual systems such as QNX and new version brings improved OpenMAX (Open Media
Syllable), VLC is rapidly expanding into the mobile and Acceleration – a standard for hardware acceleration)
support, as well as improved efficiencies in the
acceleration generally, which should improve
performance by reducing load on the CPU during
playback. However, for all the advances behind the
scenes, the interface for VLC remains functional rather
than stylish, at least on the desktop. You can install
skins to make the application look different (you can
get these from www.videolan.org/vlc/skins.php), but
none of these fundamentally change the method of
interacting with the application.
Version 2.2 is another solid release for VLC. It fixes
over 1,000 bugs and brings support for more formats
and more devices. Most of the updates are behind
the scenes, so it’s well worth updating even though
you may not notice the differences straight away. If
you’re an Android user, this release is an even more
important upgrade.
The touch controls to VLC LINUX VOICE VERDICT
on Android can be a little VLC remains the most capable media
confusing, but it provides player available on any desktop OS.
an instructions overlay
when you start a video.
52 www.linuxvoice.com
� KRITA REVIEWS
Krita 2.9
Graham Morrison looks at the biggest Krita release ever.
And refrains from drawing Richard Stallman!
I
f you were in any doubt that crowdfunding can
work (and you shouldn’t be if you’re reading this
magazine) the team behind Krita has just pushed
out a huge update – thanks to crowdfunding. Most of
the additional features in this update are thanks to a
hugely successful Kickstarter campaign that
concluded in July 2014. The team raised €19,995 to
fund two developers, Dmitry Kazakov and Sven
Langkamp, to work on a set of specific features. As a
result, eight months’ work has yielded the biggest
update Krita has seen.
At the top of our list of favourite new features is the
incredible perspective transformation tool. This
enables you to warp, shape and manipulate the pixels
within a selection by dragging the corners of the
selection as if they were located in 3D space. The
transformation will even show the vanishing points for
edges, and it’s a brilliant tool for fixing or matching
selections that need to be pasted onto something that
isn’t flat. It’s also great fun – just like playing with a
similar feature in the old Deluxe Paint, except that the
final output in Krita looks perfect. Similarly, with the
cage transformation, you can create anchor points
You can adjust selected
and move these around to adjust the selection they transformations are previewed in real time thanks to
areas in 3D space, and use
contain. These transformations go particularly well the new transform masks, and we had no problem assistants to help you
with the new options for the perspective assistant. using them, even though finding the control to draw onto the projected
These snap your drawing cursor to a specific plane activate them was a little unintuitive. Not as exciting, canvas.
within 3D space, allowing you to sketch perfect cubes, but just as useful, you can now work on more than
or roads, or 1970s-style string art. one project within the same window, as new projects
are added to a separate tab. You can switch this view
We are the children of Tony Hart to a preview of whatever images are loaded, which is DATA
Also falling into the fun and useful category is the useful if you’re working on a sequence.
Web
liquify tool. This allows you to drag sections of an There are many, many other features added to http://krita.org
image as if they were stretched across a rubber this release; RAW support, improved Photoshop Developer
sheet. Slow dragging will leave subtle distortion compatibility, exposure controls and new filters. We Team Krita
along the path of your stroke – very useful for adding also found this release to be significantly less CPU Licence
GPLv2
waves to curtains or cloth, or even reducing them, as intensive. We did experience a few crashes, but
well as lots of other creative distortion. All of these that was probably because we were pushing the
3D transformations too far. As you can probably tell
by the kind of examples we’ve been using, Krita is
going beyond being an exceptional drawing tool and
entering the realm of image editing and processing.
We find ourselves launching Gimp far less – especially
as Krita has always had CMYK support, for example,
and its modern, adaptable user interface leaves Gimp
way behind. We think it’s brilliant.
LINUX VOICE VERDICT
This is a huge release. Perfect for
amateurs and even professionals
working with any kind of imagery.
The transform effects render such high-quality changes
to the image, subtle use makes their use difficult to see.
www.linuxvoice.com 53
� REVIEWS INKSCAPE 0.91
Inkscape 0.91
For a major new release, this leading vector graphics editor
really should be at version 1.0 or 2.0, thinks Graham Morrison.
V
ersion 0.91. Surely a minor update? Not worth
DATA a review? That’s what most users would think,
Web
were they not primed to think like open source
inkscape.org developers. Of course, Inkscape 0.9 is a major update
Developer and the first for four years. And that’s not even the half
The Inkscape Team of it. Literally. This version number scheme isn’t a
Licence vestige of some old system, because the previous
GPL
major release was 0.48 from 2010. The development
team has since jumped half a unit to reflect “its
maturity as a vectors graphics editor,” rather than as a
tool for humbly editing SVG images, which was
Inkscape’s original intent. So 0.91 it is. The first major
release of Inkscape for four years.
Putting version numbers aside. Inkscape is now the
de facto open source vector graphics editing Vector Lovers is both an electronic music ensemble and a
application. That’s a huge achievement, and it’s a collective term for everyone who thinks Inkscape is ace.
genuine alternative to Adobe’s costly Illustrator. We
use Inkscape for creating and editing our own the upgrade, because we typically use many different
scaleable graphics. It’s very powerful and without any layers for our own projects.
doubt, easily capable of professional output. The new measurement tool is also awesome. Click
But you need to know what you’re doing to get the and drag away from a point and the cursor turns into
best out of it. The main reason for the long delay a protractor, complete with the distance and angle
between releases is that the rendering engine has of the new point against the old. This is brilliant for
been completely replaced with the Cairo vector design, because you often want to hit specific points.
graphics library. This is the same engine used by
Gnome 3.x and numerous other projects, and Cairo is Walk like an Egyptian
now mature enough to handle much of the Another function we use is ‘Trace Pixel Art’. This will
functionality required by Inkscape. It’s faster and more turn a low-resolution bitmap image, such as a sprite
efficient, although we still had problems with large and from an old video game or an icon, into a matrix of
complex illustrations, or with certain filters that added Bézier curved scaleable cells. It’s not practical in the
greatly to the number of points. way that the old Trace Bitmap function attempts to
There are so many additional features that we don’t be (fortunately, this tool is still there), and definitely
quite know where to start, so we’ll focus on those can’t be used for large images, but it does create a
few that make most sense to us. Firstly, you can lovely pixelated version of the original that looks great
now move layers around, just as you’ve been able in print. We also like the the new PowerStroke. This is
for a couple of decades in Photoshop. You can also one of the path effects that traces the route across
drag and drop layers on top of one another to create your nodes and enables you to adjust the thickness
easily navigable groups. This feature alone is worth of that path around the nodes, and the new version
allows you to click on special nodes to adjust this
thickness in a far more intuitive and creative way.
Vector images have never been so important. High-
DPI screens and hardware acceleration for rendering
are turning SVGs into the new native image format,
especially for GUIs. And there’s nothing close to
Inkscape – it’s a brilliant piece of software that’s just
taken a huge step forward.
LINUX VOICE VERDICT
Just think how rubbish your desktop
The new Trace Pixel Art icons would look if we didn’t have
feature in action. Inkscape.
Converting a KDE pixel
icon into bubbly vectors.
54 www.linuxvoice.com
� IPYTHON 3.0 REVIEWS
IPython 3.0
Interacting with Python may sound like a recipe for asphyxiation,
but with the right tools, it needn’t be, finds Ben Everard.
I
Python is a project to improve the interactive shell
for the Python programming language. That
means it’s not designed for writing programs that
run as a whole, but for executing code line by line as
it’s entered.
IPython can be run in a terminal (by starting it with
ipython console), in its own window (by starting with
ipython qtconsole), or in a web browser (by starting
with ipython notebook). Functionally, all of these work
the same; they just use a different user interface.
The main focus of IPython isn’t on writing software,
but in using the interactive shell to explore code and
data. IPython really shines in areas like data analysis
where the user wants to use the power of the Python
tools (such as SciPy and Matplotlib) to interactively
analyse a data set. Compared with the standard
Python shell, IPython offers far more functionality
You can try IPython
for tracking what you’re doing, introspection and three key scripting languages that the software will
without installing it by
displaying media. IPython also makes it easier to target. IPython will live on as the back end, and you’ll going to try.jupyter.org.
parallelise your processing in a standard manner, still be able to use Jupyter in much the same way as
which helps speed up the analysis of large data sets. IPython works today. The two additional languages are
both targeted at a scientific and analytic audience.
Serious work The browser-based notebook is already branded DATA
Exporting sessions is another area in which IPython Jupyter, and there are some new poly-lingual features.
Web
shines, so you can share your work with colleagues. For example, you can create a new notebook using a www.ipython.org
This can be used for collaboration, but it’s also used in different kernel from within the web app itself where Developer
the academic community for presenting results, and previously you had to start a new notebook server. IPython Development
some books have even been published in the IPython As well as using the language of the kernel, IPython Team
Licence
format (for example Probabilistic Programming and includes some features for interacting with the host
BSD Licence
Baysian Methods for Hackers: http://bit.ly/1ta2E3y). OS. Any line starting with a % sign is processed by
The project is in the process of changing. The IPython itself. This creates a mini-language of magic
features that made IPython so useful for working with (in IPython terminology) commands for doing things
Python are also useful for other interpreted languages, like interacting with the filesystem and the host OS
and the front-end has now split in a language-agnostic that can be run alongside the kernel language.
way. You can already use other kernels (ie languages) Version 3 is mostly backwards compatible with
beyond Python in IPython, and version 3 will be the last earlier versions, but there are a few changes that
release to be called IPython. In the future, it’ll be called could cause problems. The ones you’re most likely to
Jupyter – a contraction of Julia, Python and R, the hit are in widgets for the browser-based notebooks.
You can take a look at the migration guide at http://
ipython.org/ipython-doc/3/whatsnew/version3_
widget_migration.html.
IPython had previously established itself as the best
open source numerical and data analytics platform.
Version 3.0 cements this lead, and the growing
acceptance of new languages in the project make it
accessible to a larger audience.
LINUX VOICE VERDICT
IPython continues to set the
standard for interactive programming
environments.
The Qt interface now has improved support for Qt 5,
making it a better fit for more modern interfaces.
www.linuxvoice.com 55
� REVIEWS BOOKS
The Secret Life of Bletchley Park
Ben Everard gets a timely reminder to use secure passwords.
T
he cryptography and computer each period is used to investigate a particular
science of Bletchley Park are well aspect of the Park. Hiring staff,
known, at least now. However, how accommodation, entertainment and food
did this code-breaking institution come each came with their own challenges in
about, how did it run, and how did it remain rationed, war-time Britain.
secret for so long? In The Secret Life Of The Secret Life of Bletchley Park will
Bletchley Park, Sinclair McKay talks to the fascinate anyone who wants to know more
people who were there about what went on. about the behind-the-scenes running of the
The staff of Bletchley – many of whom famous institution, though people looking for
were plucked straight from university – in-depth technical details of the work at
stayed with local families, as there was only Bletchley would be better served by a
enough space on the main campus for the different book.
offices. Thrown together in the chaos at the
start of the war and left to get on with the LINUX VOICE VERDICT
business of cracking uncrackable codes, the Author Sinclair McKay
staff of Bletchley Park developed a unique Publisher Aurum Press Ltd
culture. McKay takes the reader into this ISBN 978-1845136338
Price £8.99
environment and follows the park through its
The Secret Life of Bletchley Park follows the
triumphs and setbacks during the war. human side of the early cracking pioneers.
The Secret Life of Bletchley Park charts Bletchley Park is now a museum marking the
the changes at the park chronologically, but achievements during the second world war.
Jagged Alliance 2
Ben Everard dons his rose-tinted glasses and gazes back at games past.
J
agged Alliance 2, or JA2 to its fans, The modern Indie movement has reversed
is a turn-based role playing game this trend.
released in 1999. While it isn’t Kazemi talks to a lot of the people behind
generally considered a commercial success, the game from developers to designers to
it did develop a loyal fanbase, and in 2001 it voice actors to publishers, and together
became the first game that Tribsoft ported creates a complete picture of what went into
to Linux. In this book, Darius Kazemi looks it. Games development has changed beyond
back at the game, how it was developed, and recognition in the intervening years both
how the various components came together from a technical and business perspective,
to make the finished game. so this can’t really be viewed as a particularly
Jagged Alliance 2 (the book) follows instructive book for people looking to get
development of the game chronologically into the industry. Instead, it’s a little slice
from the first game in the series to the of history that’s been saved for those of
various mods and expansions. Through this us that fondly remember an earlier era
canvas, it explores how games were in the history of PC gaming.
developed in the 90s, the business of games
(as it was then), and the commercial
pressures on games companies. LINUX VOICE VERDICT
This all happened during the period when Author Darius Kazemi
the games industry was transforming from Publisher Boss Fight Books
ISBN None
the 80s, when a talented individual in their Price $4.95 (ebook) $14.95 (paperback)
bedroom could create a commercially Games are now part of our culture, and can’t be
successful game, to the industry of the forgotten when technology moves on. Jagged Alliance 2 is part of Boss Fight Books, a
2000s, when creating a game required crowdfunded series based on classic computer
millions of pounds and an extensive team. games: http://bossfightbooks.com.
56 www.linuxvoice.com
� REVIEWS BOOKS
Data and Goliath ALSO RELEASED…
Mike Saunders dives into the debate on mass surveillance.
W
hen Bruce Schneier talks,
people listen. He’s one of the
most prominent experts on
security and cryptography, and his latest
book aims to bring the debate about mass
surveillance – from both governments and
companies – to a wider audience. If you were
Data and Goliath points out that mass wondering what
Of the book’s 370
surveillance and infiltration isn’t just a to get Ben for
pages, 120 are notes
his birthday…
problem for our personal rights, but it’s on the main text.
also severely impacting the ability to do Blockchain
business in the modern age. He notes puts forward a series of solutions to the Cryptocurrencies are here to stay. We’re all
several companies that have recorded problem – practical and sensible – which going to need to understand how blockchains
major losses in profits since the Snowden could help us to find a middle ground. Will work and how they can guarantee the validity
of a transaction if we want to safeguard our
revelations – after all, who wants to do anyone listen though?
finances. Even though it’s a complex subject,
business with a country or company that it’s easier to understand than banking.
sneaks backdoors into everything? LINUX VOICE VERDICT
What makes Data and Goliath a good Author Bruce Schneier
read is Schneier’s understanding that Publisher Norton
there’s inevitably a trade off in this world. ISBN 978-0-393-24481-6
Price £18.45/$27.95
He accepts that there are legitimate needs
Nothing shocking for geeks, but a book that
for government surveillance, and also that all politicians and CEOs should read.
many business models are based on
having access to customer data. So he
Perfect for
software
developers
who want to
Learn to Program with Minecraft Plugins build stuff.
Graham Morrison pretends he’s working when he’s really playing. Practical Electronics (Early Release)
We wish we’d been taught some electronics at
A
school, rather than Home Economics.
ny book that starts with a Fortunately, this title looks perfect for filling in
reference to Colossal Cave the gaps in our knowledge. It’s raw and
Adventure, a game from 1976 that unedited in its current form – a book in beta,
was purely text-based, is already winning. but it means you get hold of the content now.
Learn to Program With Minecraft Plugins
presents the challenges and creativity of
writing your own Minecraft plugins in the
same way you might play Colossal Cave, Make sure you
starting with a brief overview of both the get the Second
command line and text editors before Edition!
diving into some code to build a house.
We love the way in which programming Which means the only slightly negative
theory is interspersed within the process aspect in our view is our confidence in
of doing cool stuff with Minecraft, and the its future, now that Microsoft owns the IP Kathy Sierra has
layout and logical flow of the writing is to Minecraft. written another
excellent. If you’re into Minecraft, it’s a book. That is all.
brilliant way of harnessing your LINUX VOICE VERDICT Badass: Making Users Awesome
imagination to learn programming. Author Andy Hunt We’ve been looking forward to this for a long
However, there’s one huge caveat: make Publisher Pragmatic Bookshelf time. It’s the return of Kathy Sierra and her
ISBN 978-1-941222-94-2 wonderful insights into what makes things the
sure you get the second edition. This is
Price £19.50 way they are. Here she answers one simple and
because the first edition relied on the
A great way of combining your love for compelling question: why does one similar and
Bukkit library, which has since disappeared. Minecraft with a desire to learn to code. competing product outsell the other?
The second edition replaces this with
CanaryMod and does the same thing.
www.linuxvoice.com 57
� GROUP TEST NAS DISTROS
NAS DISTROS GROUP TEST
A compulsive data hoarder, Mayank Sharma is constantly
on the lookout for more spaces to fill.
On Test NAS distros
W
hat’s a terabyte to a data Almost all NAS solutions also
FreeNAS connoisseur? If you’re offer additional advantages.
URL www.freenas.org like us, you probably Instead of simply pooling together
VERSION 9.3 have more data than spare USB the attached disks, they let you
LICENCE BSD Licence ports. While external drives are a arrange the available space into
How does the most popular NAS distro great way to quickly and different RAID configurations and
stand up to the competition?
conveniently add extra storage, give you control over how you want
they have their drawbacks. For one, to store your data. You can decide
NAS4Free their data retrieval capabilities are to spread your data across the
URL www.nas4free.org restricted to the computer they are drives or create different levels of
VERSION 9.3 connected to. This might work for redundancy for an effective backup
LICENCE BSD Licence individual users with single PCs but solution. Most NAS solutions
Can the spiritual continuation of the isn’t a practical solution for a support a variety of protocols and
original FreeNAS code, top the real thing? household with a variety of devices. can be accessed from multiple
To add flexibility to your data operating systems and devices.
Open Media Vault storage and retrieval you need to
use a network-attached storage
Some even allow access to remote
machines outside the network.
URL www.openmediavault.org
(NAS) solution. With a NAS you can Many NAS solutions can do a lot
VERSION 1.9
LICENCE GNU GPL v3 essentially share the storage with more than just back up and restore
Led by a former FreeNAS developer, does everyone on the network. While files – you can extend them with
this Debian-based distro have what it takes? you can pick a prefabricated NAS plugins to do a variety of tasks.
box from PC World, it doesn’t take Some enable you to stream media
much effort to build one yourself. to computers and others devices.
Openfiler Community Edition In this feature we’ll test some of Others can hook up with apps and
URL www.openfiler.com the best NAS solutions that offer services and allow them to use the
VERSION 2.99 you the features and flexibility of a NAS for storing and retrieving data.
LICENCE GNU GPL v2
commercial NAS minus the cost of Read on to find out which NAS
Will this open source version of a
proprietary software. solution works best for you.
proprietary solution pound the rest?
EasyNAS “With a NAS solution you can share the
URL www.easynas.org storage with anyone on your network.”
VERSION 0.5.3
LICENCE Several
free software licences Evaluating network attached storage
Just a clever name?
The most popular NAS solutions aren’t Although the NAS solutions on test
based on Linux, but rather on FreeBSD, support a variety of features, since
Turnkey Linux File Server which isn’t necessarily difficult to install they’re primarily handling data, we’ll
but has its own peculiarities. We’ll also keep an eye out for associated
URL www.turnkeylinux.org/fileserver
pay special attention to their respective capabilities such as data encryption and
VERSION 13.0
administration avenues. Virtually all of redundancy. Solutions will also be
LICENCE GNU GPL them have graphical web-based admin awarded for the number of useful
What’s a file server doing rubbing interface and we’ll rate them for their plugins and extensions and their
shoulders with NAS distros? ease of use and flexibility. support infrastructure.
58 www.linuxvoice.com
� NAS DISTROS GROUP TEST
Build a NAS box
Let’s go shopping.
A
NAS solution requires both software disk exclusively for themselves, which If your requirements are modest, you can
and hardware. While this feature will makes it pointless to use a 1TB disk for even turn a Raspberry Pi into a cheap NAS
help sort out the software bit, you’ll installing the NAS distro. Some NAS distros server. Just attach a large portable USB disk
need to put together the hardware for your can also live off USB disks. to the RPi and install and configure Samba
DIY NAS box. The most important part of You’ll also need a mini-ITX motherboard on it to make it accessible from anywhere
the NAS box is the storage. Although you to power the NAS box. Look for one that on the network. If you need redundancy, you
can use a solitary hard disk, you should supports multiple SATA drives. Memory is can attach another USB disk and duplicate
definitely start with at least a couple. You’ll important too, and since it isn’t as expensive the data in one to the other with a simple
also need a smaller one on which to install as it used to be, we recommend you pick up rsync command and then make the process
the NAS software: most NASes requires a at least 8GB to be future proof. automatic with cron.
OpenMediaVault
Lock and load.
T
he OpenMediaVault (OMV) NAS
distro is designed for small
businesses and home users, and
has modest hardware requirements.
Installation is pretty straight-forward since
OMV takes over the entire disk. This might
seem like an odd choice, but you can install
OMV on to a removable USB disk as well.
Due to its specialised nature, OMV lacks the
baggage of a normal distro and can easily fit
inside a 4GB USB disk.
Once it’s up and running, you can
manage the distro from its browser-based
administration interface, which is well OMV, built on Debian Wheezy, is chock-full of features and can easily take on new ones with plugins.
laid out, with the options listed in a logical
manner. OMV will detect all attached disks the network using a variety of ways. OMV some NAS distros but are missing from the
and even lets you wipe them securely. You supports various popular protocols and base OMV installation. For example, OMV
can also enable SMART monitoring for the services, including NFS, SMB/CIFS, FTP, doesn’t let you pool multiple disks into a
disks and schedule tests. TFTP, SSH, rsync and more. Each service logical volume by default. Similarly, OMV
You can use the disks attached to the has its own configuration and management can’t interface with a directory server, but
OMV NAS individually or assemble them in screen. You can configure various aspects with the LDAP plugin it can be made to fetch
a RAID array. OMV defaults to RAID level 5 of each service before enabling them, and user authentication information via LDAP.
but supports all RAID levels. You can also can define the shares for the different Then there’s a plugin that lets you stream
format the individual disks or the RAID services individually. the music stored on the NAS and another
device from the web interface. You can conduct regular system that can automatically synchronise a shared
OMV can create and manage EXT3/4, maintenance tasks such as installing folder to a plugged-in device.
JFS, and XFS filesystems. You also get the updates from the web interface. The distro The project has plenty of support
option to assign disk quotas to individual has custom command-line scripts for tasks infrastructure, with enough documentation
users, and the distro has ample options for such as upgrading to new releases, and you on its wiki and an active forum board. You
managing users. There’s also the option can schedule them via the web interface. can also sample OMV’s admin interface
to import multiple users in a particular One of OMV’s strongest suits is its ability using the demo installation on its website.
format, and you can define per-user access to take on new features with plugins. The
permissions for every shared folder. distro ships with 11 officially supported
plugins and you can add a variety of VERDICT
A feature-rich NAS distro
All-rounder third-party plugins hosted on omv-extras. that’s easy to deploy and
Once the storage has been added, you org. The officially supported plugins add a manage.
can access the NAS from anywhere on couple of features that ship as standard on
www.linuxvoice.com 59
� GROUP TEST NAS DISTROS
Turnkey Linux File Server
Go go gadget.
T
urnkey Linux produces a range with the Samba module with which you
of self-contained distros all can graphically configure Samba. Using
based on the latest stable the Samba module you can change the
Debian Wheezy release. You can default workgroup and Netbios name
download all Turnkey Linux distros as of the Samba installation as well as add
installable live ISO images or as virtual and remove Samba shares and fine
disks optimised for various tune their permissions. You can also
virtualisation platforms such as use Webmin to add users to the base
VirtualBox, OpenVZ and Docker. Debian distro.
The File Server appliance includes While the Turnkey Linux File Server
a pre-configured Samba installation. distro is the simplest to deploy and use, The distro includes AjaXplorer for accessing your files
Think of it as a bare Debian installation it’s also very bare in terms of features. from the browser and mobile devices.
with a fully configured and working Unlike most NAS distros, it’ll let you use
instance of the Samba server. The the free space on the disk it’s installed volume management (LVM) on Debian.
server will show up on your network on. You can also add additional disks Furthermore, the distro doesn’t include
as soon as you’re done installing it. and share them via Samba. But to use the ability to configure RAID like most
By default, the Samba installation has them together as a virtual volume, other NAS solutions on test, nor do you
configured shares for every user’s you’ll need to be familiar with logical get a multitude of protocols, so you’re
home directory and a public storage restricted to using SMB.
area readable and writeable by all users.
The distro also ships with Webmin “Think of it as a bare Debian VERDICT
for managing various aspects of the installation with a fully A no-fuss distro that’ll set
configured Samba server.”
up a fully functional file
underlying distro from the browser. The sharing server in no time.
customised Webmin installation ships
Openfiler Community Edition
Open for business.
O
penfiler is one of the most interface is one of the most complex
comprehensive solutions on and unintuitive. It’s the KDE Control
test. It’s based on the now Centre of NAS interfaces. It presents an
defunct rPath Linux and is distributed endless sea of options and sub-options
as an installable image for 64-bit that depend on each other but aren’t
machines and also as pre-installed disk coherently presented. For example, to
images for various virtual machine pool multiple disks into a simple virtual
monitors including Qemu and Xen. volume, you’ll first have to partition
In addition to common NAS the disks, then hunt for the option to
features, Openfiler supports a variety arrange them in a volume group and
of enterprise-specific features such then find options to create a volume Openfiler switched to CentOS in 2013 and there’s a
as support for LDAP, Active Directory inside them. If you still can’t access CentOS-based version for testing, but no final release.
and authentication protocols such the disks, that’s probably because
as Kerberos 5. Furthermore, its share you haven’t enabled and configured out €9.99 (about £7.50). There are
management also leaves little to be the sharing services. The process to several support packages on sale as
desired. Besides arranging attached arrange the disks in a RAID array is well, but the community forum board
disks into RAIDs, it can create an iSCSI similarly cumbersome. listed on the website is replete with
target and initiator. One handy feature unanswered hails from users.
is the ability to bond multiple Ethernet Where is the book?
cards into one network interface for To top it all, Openfiler has virtually no VERDICT
faster data transfers between the NAS freely official documentation, besides There is a target segment
for Openfiler, but we can’t
server and the users on the network. an installation guide and a skeletal FAQ spot it.
However, all these features come at with just two questions. If you need an
the cost of usability. The Openfiler web administration guide you’ll have to shell
60 www.linuxvoice.com
� NAS DISTROS GROUP TEST
EasyNAS Other options
Easy does it.
More NAS solutions abound!
I
f we’re going to recommend a piece of
software that you can install at home or at
work, we want you to be able to get
security and feature updates for it, and for that
reason we’ve featured some of the most
popular and actively developed NAS solutions.
One potentially useful option that isn’t in active
development is CryptoNAS. The USP of this
distro is that it pays special attention to
encrypting the data and ships with multiple
encryption algorithms. The Debian-based
CryptoNAS is available as an installable distro
and also as a Deb package. If you aren’t averse
to freeware, there’s also the Slackware-based
unRAID Server. It’s available as a USB image
Minor releases can be upgraded to from within the interfaces but to upgrade to a new major and can support up to three disks.
release you’ll have to reinstall the distro and then mount the existing volumes manually. Besides these open source solutions, there
are several commercial ones as well. Most
R
olling and managing your own get the option to specify their size. In charge for their enterprise-specific features,
NAS server doesn’t have to be an essence, every volume can grow until it while some charge for support and other
involved process. The EasyNAS takes over the complete disk. conveniences. Server Elements has three
distro takes away the complexities by NAS products that run entirely from RAM.
making several assumptions on the user’s Easy but not kiddie NASLite-2 is a general purpose NAS solution
behalf and in essence simplifies the entire The distro also has all the essential user while NASLite-M2 specialises in streaming
process. The distro is built using the online management abilities, and while adding media. The company also sells a cheaper NAS
SUSE Studio tool and is based on users, you can mark them as EasyNAS solution for home users called NanoNAS.
OpenSUSE 13.2 admins. Furthermore, when you’re The open source edition of Openfiler also
There’s not much to installing the distro. creating volumes, you can assign the has a commercial edition that adds a host of
EasyNAS is designed to take over the user and group that owns the volume as enterprise-specific features such as block-level
entire disk, and all you have to do during well as access permissions for them. By replication and High Availability and support
installation is to point it to the hard disk default new volumes are automatically for iSCSI and Fibre channel. There’s also
you want it to take over. As with most NAS added as Samba and NFS shares, and Open-E DSS, which is replete with Enterprise-
distros, you can’t use the installation drive you can optionally add them as TFTP or specific features and also has a feature-
to store additional data. AFP shares as well (AFP is the Apple Filing curtailed Lite version that’s available as a
You can carry out some common Protocol, which is used for sharing files free download.
administration tasks, such as changing with Mac OS X).
the admin password from the console While the distro has some useful
of the installed distro. For setting up features, such as the ability to schedule
the NAS you can use the distro’s web automated backups of added volumes, it
administration console. Unlike most lacks advanced features that you get with
other distros, EasyNAS’s web interface other solutions, such as the ability to hook
has many fewer options and is easy to up with a directory server. Also, while the
navigate. You can use it to arrange disks distro supports a variety of protocols and
in multiple types of RAID arrays and even services, you get no options whatsoever
concatenate multiple disks into one to configure them. There is also a web
virtual volume. service option that runs a simple web
When creating a filesystem on the disks, server and enables you to look at and
you can also choose a compression level. download files from a web browser.
The distro gives you two options (better
and faster) without going into details VERDICT
about them. Unlike other NAS distros that A simple NAS distro that
Tower Media Server is based on Linux but tries
balances the availability
support multiple filesystems, EasyNAS of features with its best to camouflage the fact so as to not scare
only supports the Brtfs filesystem. Also, reasonable assumptions. away users.
you can define multiple volumes but don’t
www.linuxvoice.com 61
� GROUP TEST NAS DISTROS
FreeNAS vs NAS4Free
NAS at its best.
F
reeNAS is probably the most NAS4Free uses a modified version of
recognisable NAS distro and one Monowall’s aged web interface.
of the elite group of open source Adding disks is fairly straightforward
software projects that has made a with both distros. Remember, however,
name for itself in the enterprise space. that these distros are both based on
In 2011 its development was taken over FreeBSD, and to use them effectively
by iXsystems, which also sponsors the you need to be familiar with the ZFS
PC-BSD desktop distro. The new filesystem and associated terminology
sponsors made changes that didn’t go such as zpools and datasets. In this
down well with a section of the regard, FreeNAS scores over NAS4Free,
developers, who forked the project and as its process is more intuitive and FreeNAS has a guided wizard to take you through the
created the NAS4Free distro. visually pleasing and selects good necessary setup steps.
Besides a common foundation, there defaults. That said, NAS4Free aids first-
are several similarities between the two time users by pointing to any missed used as an Active Directory domain
distros. Both bring the advantages of steps. So for example, if you went controller. In fact, some of the most
the ZFS filesystem to the network with straight to add a ZFS disk, NAS4Free useful NAS features are handled better
the use of popular protocols including will tell you that you first have to add by FreeNAS. For example, one of the
SMB, NFS, FTP, AFP, iSCSI and more. a virtual device and point you towards great things about ZFS is its snapshot
Both distros have a similar installation the relevant section. You’ll get a similar capability. NAS4Free doesn’t offer as
process and can happily reside on a warning when you try to add a virtual many options, nor is it as flexible as
removable USB disk as well. disk and be pointed towards the section FreeNAS when configuring snapshots.
While FreeNAS is designed to to first add a disk. FreeNAS can also be extended
take over the entire installation disk, Then there are times when it’ll leave with plugins, and uses FreeBSD’s
NAS4Free offers a bunch of options. you high and dry. So if you wish to use Jails mechanism to run them inside
You can either let NAS4Free completely the devices in a RAID, make sure the isolated silos. This ensures that even
take over the drive or install it and disks are formatted as Software RAID, if the plugins are compromised they
create a couple of partitions using the as NAS4Free wouldn’t even recognise can’t affect the NAS. There are plugins
remaining space. The second option devices formatted as UFS or FAT32.
“Some of the most useful
helps you use the excess space on the
installation drive for housing files. RichNAS
Once installed, the two distros boot Both distros are designed to handle
NAS features are handled
better by FreeNAS.”
to a console with similar administrative standalone authentication and can also
options to configure network and fetch authentication information from a
change passwords. However, as directory server via LDAP. The two
with other NAS distros the actual distros also support both Linux-style that’ll convert the NAS into a streaming
NAS configuration is done via a web ownership and Windows-style access server and can even run web apps such
interface. While the Django-based control lists for fine-grained control. as OwnCloud. NAS4Free doesn’t have
FreeNAS interface looks modern, Furthermore, FreeNAS can also be plugins as such but has built-in support
for several tasks in addition to that of
a NAS. You can enable these and use
the NAS4Free server as a UPnP Server,
Torrent client, DAAP server, and even a
simple web server.
Both distros are complex pieces of
software, but are well documented,
with FreeNAS scoring over NAS4Free in
this department as well. FreeNAS also
hosts a free webinar daily to help users
get started with the distro.
VERDICT
NAS4FREE An FREENAS The most
advanced NAS distro feature-rich NAS
that’s designed for distribution requires
advanced users. some getting used to.
You can easily back up (and restore) the server configuration in an XML file.
62 www.linuxvoice.com
� NAS DISTROS GROUP TEST
OUR VERDICT
NAS distros
I
f we had to award this group to make smart choices on your
test to the distro with the behalf, EasyNAS is a wonderful If you want to deploy OMV, check out our tutorial in issue LV009.
biggest number of features option. It doesn’t have advanced
then the top two challengers would
have been FreeNAS and its
features such as the ability to
connect with a directory server, but
1st Open Media Vault
Licence GNU GPL v3 Version 1.9
protegée NAS4Free. While both of is very adept at collating disks in
these solutions pitch themselves to a virtual volume or a RAID array. www.openmediavault.org
users outside the corporate The distro also lets you access Its familiar underpinnings, navigable interface, and adaptability
environment, they’d simply be data using a variety of protocols makes it our top choice.
overkill for most home users. including AFP, which lets you use
Furthermore, their FreeBSD base the NAS as a target for Mac OS 2nd EasyNAS
and the ZFS filesystem, while a X’s Time Machine backup app. The Licence Several free software licences Version 0.5.3
boon to enterprise users, virtually distro masks complexities such
makes them alien technology to the as the settings for the various www.easynas.org
Ideal for extending the benefits of NAS to non-technical users.
average Linux household. supported protocols and simplifies
Instead we’d rather rate the setting up useful features such
distros based on how they as creating snapshots of added 3rd Turnkey Linux File Server
Licence GNU GPL Version 13.0
“Open Media Vault is approachable, www.turnkeylinux.org/fileserver
extremely versatile and our winner.” Easy peasy network-wide access to data.
manage features with respect to volumes. Despite its simplicity,
4th FreeNAS
approachability. This is why we EasyNAS lets you control access to Licence BSD Licence Version 9.3
rate the Turnkey Linux File Server the added volumes using Linux- www.freenas.org
distro higher than the FreeBSD- style ownership controls, which Comprehensive solution that’ll appeal to enterprise users.
based solutions. It the simplest of makes it an ideal NAS distro for
solutions on test but does what
it’s supposed to do – provide a
non-technical users.
However, we’ll award this group
5th NAS4Free
Licence BSD Licence Version 9.3
network-accessible storage server test to the Debian-based Open
– without much effort. It ships with Media Vault distro. In our opinion www.nas4free.org
a reasonably configured Samba it offers the greatest number of If FreeNAS doesn’t work for you, this just might.
installation and doesn’t support features without compromising
any other protocol. You can use on usability. The distro has all 6th Openfiler Community Edition
the distro to browse its contents the commonly-used features
Licence GNU GPL v2 Version 2.99
from a smartphone, and it can also you’d expect in a NAS distro and
store backups from any app that can also be extended easily with www.openfiler.com
supports SMB shares. dozens of plugins, which makes it A feature-curtailed version that doesn’t offer anything worth
But if you need to set up a NAS approachable, extremely versatile recommending it over the others.
solution and can trust the system and our winner.
Based on Usability Data encryption Plugins Documentation
OpenmediaVault Debian 4/5 N Y 4/5
Openfiler CE rPath 2/5 N N 0/5
TL File Server Debian 3/5 N N 2/5
EasyNAS OpenSUSE 4/5 N N 2/5
FreeNAS FreeBSD 2/5 Y Y 5/5
NAS4Free FreeBSD 2/5 Y N 4/5
www.linuxvoice.com 63
� SUBSCRIBE
SUBSCRIBE www.linuxvoice.com/uk-subs
Get your regular dose
of Linux Voice, the
magazine that:
Gives 50% of its profits
back to Free Software
Licenses its content
CC BY-SA within 9 months
SUBSCRIBE TO
UK subs prices
TODAY! 12-month print & digital: £55
12-month digital only: £38
Get 114 pages Access our Save money on
of tutorials, rapidly growing the shop price
features, interviews back-issues archive and get each issue
and reviews – all DRM-free and delivered to
every month ready to download your door
Payment is in Pounds Sterling. 12-month subscribers will receive 12 issues of Linux Voice a year. 7-month
subscribers will receive 7 issue of Linux Voice. If you are dissatisfied in any way you can write to us to cancel your
subscription at subscriptions@linuxvoice.com and we will refund you for all unmailed issues.
64 www.linuxvoice.com
� SUBSCRIBE
All subscribers get access to every
single digital back issue –
that’s about 1,000,000 words of
tutorials, reviews and free software
hackery at your fingertips
Overseas subs prices
12-month print & digital:
Europe: £85
US/Canada: £95
Rest of world: £99 DIGITAL
SUBSCRIPTION*
ONLY
*
£38
WHEREVER IN THE WORLD YOU
ARE – IT’S DIGITAL, SO THERE ARE
NO POSTAGE COSTS
www.linuxvoice.com 65
� SYSADMIN
SYSADMIN:
SAVE TIME
WITH WEBMIN
Annoyed by niggling differences between Linux distributions? Try Webmin, a consistent
web-based tool for system administration.
I
f you work with multiple Linux firewall settings, set up email, and perform ./setup.sh
distributions, or different flavours of many other tasks. Webmin has been in Webmin will ask you where it should save
Unix, you’ve probably come across development for almost 20 years, having its configuration and log files (the defaults
frustrating little discrepancies between seen a number of interface revamps along are fine), and then ask you to specify the
them. Commands often use different flags, the way, and today it runs on a huge range Linux/Unix system you’re using. You’ll see
filesystem locations can vary, and you often of platforms – see www.webmin.com/ a list of many distros – but if yours isn’t
end up hunting through man pages just to support.html for a list. Along with the usual there, choose 95 for “Generic Linux”. In the
get basic jobs done. Some distributions offer suspects among Linux distributions, Webmin following step, you’ll be asked to configure
text-based or GUI administration tools (such also runs on the various *BSD flavours, IBM the web server port, username and
as OpenSUSE’s Yast) to mitigate this AIX, Solaris and other Unix platforms. password that you’ll use to log in. Webmin
problem somewhat, but you still end up with You may find Webmin in your distribution’s is written in Perl, and if you have the Perl
every Linux OS having its own way to package repositories; if not, download the SSLeay library installed, you’ll be able to log
configure things. tarball from www.webmin.com (see the in over HTTPS.
Webmin is one solution – and a very fine TAR link in the top-left), then perform the Finally, the installer will ask you if
one. It’s a web-based interface for system following commands as root to extract it Webmin should be started at system boot,
administration on Linux and other Unix- into /usr/local and run the setup script: and you’ll be able to log in by going to
like systems, providing a consistent way tar xfv webmin-1.730.tar.gz -C /usr/local http://<hostname>:10000 in a web browser
to manage users, run services, configure cd /usr/local/webmin-1.730 (eg http://127.0.0.1:10000 to administer
the local machine). Enter the username and
password you specified before, and you’ll
arrive at the main Webmin page, with a panel
of system information in the middle and a
tree of administration tasks down the left
hand side.
You may also see a warning box at the
top which states that some modules are
out of date. Webmin is not a monolithic tool;
its functionality is provided in the form of
modules. For instance, there’s a module for
configuring the Apache web server, another
module for configuring MySQL, and so forth.
Webmin can update these modules with a
single click, so it’s a good idea to make sure
they never get out of date.
Typical tasks
To find out what Webmin is capable of, click
on System on the left to open the tree of
items. You’ll see options for changing
Webmin’s front page shows information about the system, including CPU load average, RAM usage, passwords, managing filesystem partitions,
free disk space and the all-important server uptime duration. making backups, killing/restarting/reniceing
66 www.linuxvoice.com
� SYSADMIN
processes, scheduling commands,
managing users and groups, and other
common tasks. Try clicking some of the
options and exploring the panels that come
up – they’re very useful, even if they don’t
have checkboxes for every single parameter
used by the equivalent command line tools.
For day-to-day jobs, though, Webmin does a
sterling job.
Module configuration
Under the Servers, Networking and
Hardware links on the left, you’ll find more
modules for administering the machine.
You’ll also see a section called Unused
Modules; this contains modules that haven’t
started because they believe that a certain
piece of software isn’t installed on your
machine. But the detection methods aren’t
perfect here – for instance, in the case of the
Apache module. You may have Apache
installed, but the module complains with
“server executable /usr/local/apache/bin/ Some of the modules, such as for OpenSSH, have a GUI-like approach with chunky icons to click.
httpd does not exist”.
Chances are that your httpd binary will be – see the Global Configuration tab for the Webmin users to logging in on certain days,
in a different place, so click on the Module majority of the tweakable settings. Next or even certain times of the day.
Configuration link and change the paths time you use Webmin, the Apache module And there’s more: after clicking on a
to match your installation. You’ll see that will move from Unused Modules to the module, go to the View Module’s Logs link
Webmin can try to guess the location of your Servers section. (it’s in the bottom of the left-hand tree) to
apache2.conf file, but it’s better to specify Helpfully, most Webmin modules also view recent activity. You can, for instance,
it directly (it may be /etc/httpd/conf/httpd. provide direct access to configuration files, see what changes have been made by
conf on your system). Click Save at the so you don’t need Webmin users, so you
bottom to reload the module, and all being to SSH in manually can point the blame
well you’ll now be able to administer Apache if you need to make “Having a single interface if someone damages
a quick change. It’s for configuration will the configuration.
also possible to enter Webmin itself is
Webmin for users
single commands make your life easier.” highly customisable.
As you explore Webmin, you may see under the Others Go to Webmin >
some functionality that could be useful for tree on the left: click on Command Shell, Webmin Configuration in the left-hand tree
normal users on the system, and not just
administrators. The Webmin developers have
which also provides a history of previously menu, and you’ll see that you can tweak the
recognised this and created Usermin, a stripped- entered commands. Under the Upload and appearance, change login settings (such
down version of Webmin with a handful of Download section you can transfer files to as blocking hosts if they have repeatedly
modules appropriate for typical users. These the machine, which is mightily useful if you failed to log in) and even upgrade Webmin
include user management tools (eg changing can’t use SCP. There’s also a file manager, in place. It’s also possible to add third-party
your password), reading mail and performing
scheduled commands. The goal of Usermin is
although you need Java installed to use it. modules here, many of which you’ll find on
to provide a friendly configuration panel for the Webmin website at www.webmin.com/
user accounts, so that users can change their An army of admins cgi-bin/search_third.cgi?modules=1. If
settings and do simple tasks without requiring If you decide to use Webmin in large you’re familiar with Perl, you can create your
command line knowledge. deployments, you might need to create own Webmin modules by following the guide
To enable it, go to Unused Modules in the
left-hand tree and choose Usermin. You’ll
multiple user accounts so that other at http://doxfer.webmin.com/Webmin/
see that the module isn’t installed on the administrators can log in. Click the Webmin Module_Development.
system, but there’s a button to download tree icon in the top left and then Webmin On the whole, Webmin is a mature and
it. Usermin will be automatically extracted, Users. Next, click Create A New Webmin reliable tool that, when deployed across
so read the text that’s displayed and go to User and fill in the details. It’s possible to many different Linux distributions and
http://<hostname>:20000 in another tab. There
you can log in as a normal user account on the
limit access by IP address, and choose Unix flavours, can save you a lot of time.
Linux/Unix system, and explore the different specific modules that the user can access. Having a single interface for configuration
options in the left-hand tree. Like Webmin, This is important if you want a certain admin – regardless of operating system – and
Usermin is highly configurable and you can to do work on Apache and MySQL, for the ability to provide restricted accounts for
enable and disable modules at will (click the instance, but not be able to change anything other admins will make your life easier when
Available Modules button).
else on the system. You can also restrict looking after a large number of boxes.
www.linuxvoice.com 67
� FOSSPICKS
FOSSpicks Sparkling gems and new
releases from the world of
Free and Open Source Software
Hunting snarks is for amateurs – Ben Everard spends his time in
the long grass, stalking the hottest, free-est Linux software around.
Webmail client
Roundcube
T
here are email clients for from any machine. We like this
just about every modern solution so much, we use it for our
computer system, and Linux Voice email.
most not-so-modern systems. Roundcube is just an email client,
Native email clients work well, but so you need to pair it with the
they can be fiddly to configure. This appropriate serv]ers for sending
isn’t a problem for a machine you and receiving email. Just configure
use regularly, but if you only use a it as you would any desktop email
machine occasionally, it may not be client and you have a webmail
worth it. The alternative is web- system.
based email. We’ve been running Roundcube
There are loads of services that for a little over a year, and haven’t
will host email for you on a website come across any major problems The settings in Roundcube are easy to understand and use.
(Gmail, Yahoo Mail, Hotmail, etc), in that time. It’s a little more limited
but these are provided by than some native clients, but it does an email client that’s missing is
companies that rely on advertising have an address book, filters for PGP/GPG encryption. It is possible
to make money, and we’re not that automatically sorting emails, and it to do this with some external tool
comfortable allowing them access handles HTML without any such as Mailvelope (https://www.
to all our communications. problems. The only key feature of mailvelope.com). In other words,
To solve this conundrum, there’s there’s nothing missing that we
Roundcube, a webmail server that
you host yourself. You just need to
“At Linux Voice we’ve been running would consider essential in an
email client, but power users may
set it running on a machine with a Roundcube as our email client for a find things missing that they like.
publicly-routable IP address, and
you can keep up with your emails
little over a year.” For example, there’s only one type
of flagging available.
You can extend Roundcube with
plugins, and you can see all those
available at http://plugins.
roundcube.net. You can also
change the look of the interface
through skins. We’ve never felt the
need for either plugins or skins, but
if you have a particular need in
mind, it’s worth checking to see if
there are ways to meet this.
The new release brings a few
minor improvements (better
handling of HTML images and
improved searching), but nothing
that fundamentally alters this
excellent software.
PROJECT WEBSITE
Roundcube supports multiple sending identities allowing you to manage a range
www.roundube.net
of accounts from a single login.
68 www.linuxvoice.com
� FOSSPICKS
Lightweight desktop environment
LXQt
L
XQt is a project created by
the developers of the LXDE
and RazorQt desktops
coming together to create a new
desktop environment based on the
Qt widgets rather than the ones
from GTK (as LXDE was). LXQt’s just
reached version 0.9, so it’s still in its
infancy, but it’s rapidly becoming a
great option for low-power
machines. The aim is to create a
simple desktop that just works as
users expect it to, rather than one
full of configuration options for all
kinds of features that few people
will ever use.
Version 0.9 is fully migrated to
the Qt 5 toolkit (as used by the KDE
desktop) and has dropped support
for Qt 4, so it takes advantages of all
the latest improvements in the
platform. It also sees the inclusion
of KWindowSystem and KGuiAddons
from KDE. These reuse code from
The new release of LXQt comes with the new Frost theme, and drops some old ones that weren’t as popular.
the other major Qt desktop rather
than reimplementing the same
functionality. making the switch permanent, and software. You don’t get much more
We’ve been using LXQt for the that’s about the highest praise you than a desktop and a file manager
last couple of weeks, and we’re can get from a software reviewer. with LXQt. The file manager – a Qt
impressed. It’s fast, has what we While the desktop works well, port of PCManFM – is about as
need, and doesn’t get in the way of don’t expect too much in terms of minimalist as it’s possible to be, and
normal computer use. We also frankly, we’d prefer a little more
haven’t run into any stability
problems, so despite its fairly young
“LXQt is fast, it has what we need, functionality. Things like sorting
lists of files by clicking on the
age, we can recommend it for and it doesn’t get in the way of column header rather than going
general use. As a long-term LXDE
user, this reviewer is considering
normal computer use.” into a menu, for example, would
make the file manager much more
pleasant to use.
Much Qt software is designed to
work with the much more
heavyweight KDE desktop;
conversely, a lot of the more
lightweight Linux software uses the
GTK widget set. This means that
there’s not a lot of software that fits
the LXQt philosophy. This is sure to
change though. In fact, it’s already
starting to: QTerminal is a
lightweight terminal for Qt that fits
in well with the LXQt philosophy.
PCManFM is too
stripped down for our Watch this space…
tastes – we prefer using
PROJECT WEBSITE
a different file manager
www.lxqt.org
with LXQt.
www.linuxvoice.com 69
� FOSSPICKS
Real time OS
Nuttx
C
ompared to most modern hardware, you can get started by
operating systems, Linux is emulating one using Qemu. There
quite lightweight, and it are instructions at www.zilogic.
happily runs on hardware that com/blog/tutorial-nuttx.html.
wouldn’t even boot the latest The point of Nuttx isn’t to turn
version of Windows. However, these machines into desktops, but
sometimes even Linux is too heavy. for building embedded devices. As
Nuttx is a very lightweight real time such, it’s stripped down to just the
operating system released under a barest essentials, but it still strives
BSD licence, and rather than more for Posix and ANSI compliance. It
heavyweight options, it’s designed also has a few concessions to ease
with tiny processors in mind. of use, such as a graphical widgets
With a bit of persuading, it will run toolkit (NxWidgets) and a shell
Nuttx boots to NuttShell,
on a Z80 (the processor at the heart (NuttShell). You won’t find much in the way
which accepts some of
of the Pacman arcade machine, the the same commands as of drivers for consumer hardware,
Nintendo Game Boy, and many Real-time for hardware a Linux system. but there’s support for peripherals
other iconic 80s and 90s This isn’t something that you’re such as USB hosts, flash memory,
computers), an AVR (similar to the going to replace your Linux install PWM drivers, CAN buses, DACs,
chips in most of the Arduino with, but if you’re looking for a high ADCs, etc. If you’re building your
microcontroller boards) and ARM degree of control over hardware, the own hardware, this should be
Coretex-M series processors real-time aspect of NuttOS is quite enough to run what you need.
including the Arduino Due. If you appealing, especially given that the
like the sound of Nuttx, but don’t real time patches for Linux are PROJECT WEBSITE
www.nuttx.org
have access to any of these bits of slowly sliding out of usability.
Video compressor
x265
V
ideos take up huge Pictures Expert Group (MPEG) and
amounts of space and the International Telegraph Union
network bandwidth, and (ITU). H.265 can roughly double the
there’s a constant effort to improve compression ratio of H.264 videos
compression. Almost all video (also known and MPEG4 Part 10 or
encoding – H.265 included – is Advanced Video Coding).
lossy. This means you can make It achieves the compression
the file as small as you like, but as improvement using many
The increased
you make it smaller, the quality gets optimisations, but one of the areas with little detail, while smaller
compression comes at
worse. The improved compression biggest is the use of coding tree the expense of slower areas hold more detail.
in this format means you can either units. All video compression splits processing. Our test x265 is open source, however it’s
store a video at the same quality in each frame up into smaller sections machine could process not patent-free. This is a thorny
a smaller amount of disk space, or and compresses them separately. just one frame per subject, and if you’re including x265
if you’re not storing video but Previous standards had split the second. in any form of software, you should
streaming it, you can stream higher image up into a regular grid, but make sure you fully understand the
quality over the same bandwidth or HEVC varies the size of the sections situation. However, until Dalla – the
the same quality over a lower it splits the image up into. Large patent-free codec developed by
bandwidth. sections are used to compress Mozilla and Xiph – is ready, there
x265 is an implementation of the aren’t any modern patent-free
new H.265 standard (also known as alternatives.
High Efficiency Video Coding or “x265 improves compression using
HEVC). This is the latest in a long
line of standards from the Motion
many optimisations.” PROJECT WEBSITE
http://x265.org/
70 www.linuxvoice.com
� FOSSPICKS
File manager
Worker
A
ll desktop environments interface won’t suit everyone.
come with a file manager, Worker brings the same level of
but you may not always power to the GUI world.
find that the default one meets all It’s more than just two panes,
your needs. though. It can also be used with
Worker is a two-pane file AVFS (a virtual filesystem) to
manager. This style of file tool is browse the contents of many
less popular than it used to be, but compressed files. It has labels,
still a very effective method of bookmarks and a file search tool for The garish colour scheme won’t be for everyone, but at least it
dealing with your files. Each pane is finding what you need, and can use makes it easy to see what’s going on.
independent of the other, and you external programs to perform any
can browse different directories missing functionality. particularly stylish graphics, it does
with each one. The big advantage The look could either be mean the code is very lightweight
of two-pane file managers is when described as retro or awful and extremely portable (if X runs on
you come to move files around. You depending on your feelings about the system, then Worker will).
can have one pane in the directory user interfaces. This look is due to it The target user of two-pane file
they’re coming from, and the other being built directly in X Windows managers, unsurprisingly, is system
in the directory they’re going to, and and not using a widget toolkit. administrators who deal with a lot
then you can shuffle them around While this doesn’t make for of files, but they are useful for
without the risk of them going anyone who has to move loads of
missing. By far the most famous files from one place to another.
two-pane manager is Midnight “Worker’s look could either be
Commander, which is a fantastically
useful tool, but the terminal
described as retro or awful.” PROJECT WEBSITE
www.boomerangsworld.de/cms/worker
Exercise database
SportsTracker
T
here are plenty of free-to- its job well. It can import data from
use commercial tools for a wide variety of sources (including
tracking how much exercise GPX, so you can get data from GPS
you’re doing. However, this is one receivers on mobile phones). It
area that we think that free as in doesn’t support a wide variety of
free software is really important. sports types – just running and
Not only is this key to health, but it’s cycling – so depending on what
an area in which you’ll build up a you do, it may not be suitable for
vast amount of data over the years. you. It also doesn’t try to calculate
Commercial tools may monetise the number of calories consumed,
this data in various ways, and the but the estimates that some
companies that run them don’t applications make in this area are
The statistics screen
have your best interests at heart. highly inaccurate anyway. As well It looks clean, and should run on
gives you an overview of
Plus, with a free (as in free as exercise, you can track your the exercise you’ve been anything with a Java runtime.
software) tool, you know that you weight, so you can see if the performing over any Commercial tools may have
can get the data back if you need workouts are having the desired given timespan. more functionality, but the
– although SportsTracker doesn’t effect, and you can plot how quickly knowledge that we’re not entrusting
directly support exporting to you’re losing weight. our personal health data with third
formats suitable for other software, parties who are free to sell it on is a
the open nature of the program Running free winning feature.
means you can create a filter for SportsTracker 7 is newly re-written
the file format should you need to. PROJECT WEBSITE
with a JavaFX interface (rather than
www.saring.de/sportstracker
Freedom aside, SportsTracker does Swing, which was used previously).
www.linuxvoice.com 71
� FOSSPICKS
Secure deleter
srm
T
he rm (remove) command does, but it scrubs off the data in a
is probably one of the best way that would please even the
known Linux tools. It’s a most paranoid people. First, it
simple command line utility that overwrites the data with all 1’s.
lets you delete files, and when Then it overwrites it with random
combined with a powerful shell, it data – five times – then it
can be used to easily delete a range overwrites that random data with
of files that satisfy particular special patterns that are designed
criteria. However, it is badly named. to make it impossible to recover the
It doesn’t actually remove the files data using even the most A full 38 wipes is probably overkill, but it’s better to be safe when
at all; it just deletes the reference to sophisticated theoretical recovery deleting sensitive data.
them. This means that if you delete techniques – 27 times – then
a file using rm, the data is still there. another five overwrites using – can recover the data if the data’s
If you’re just deleting a file to free random data. Only after all this stored on a magnetic hard drive.
up some space, then this isn’t a overwriting does it consider the file Solid state drives can pose
problem. However, if you’re deleting blanked, and then it deletes the file. problems and are much harder to
a file because it contains data you The result is that there’s no way guarantee secure deletion. The
don’t want to be on a machine any that anyone – not even the most downside of srm is that it takes
more, then rm isn’t sufficient. You powerful state-sponsored attackers longer to perform than normal rm.
also need to remove the data. Large files can take several minutes
Secure Remove (srm) is one to blank. That’s the price of security.
solution to this. It’s a drop-in “srm scrubs data in a way that
replacement for rm that not only
deletes the file in the same way rm
would please even the paranoid.” PROJECT WEBSITE
http://srm.sourceforge.net
Finance manager
HomeBank
I
n today’s world of online then track these budgets over time,
banking, where smartphone and make sure that you’re realistic
apps can tell you your bank about your spending habits.
balance, it’s easy to keep track of
how much money you have. Annual expenditure £19 0s 6d
However, it can be tricky to find out How well HomeBank will work for
where all of your money is going. you will depend on how you spend
That’s what HomeBank is for. It can money. If most of your expenses
import the QIF and OFX files used are on a card, then it’s easy to
by online banks as an export format import everything into the
HomeBank can display
(note – QIF files didn’t work in our application. However, if most any fancy jargon, or wade through
data in pie, bar and line
testing, but this could have been a expenses are cash then they will charts, giving you three archaic forms. It all just works as
problem with our bank’s export each have to be created manually, ways to view the expected. Should you find yourself
function). HomeBank then enables and it might be easier to use a vultures pecking at your stuck though, HomeBank is well
you to tag each transaction with spreadsheet or some other custom hard-earned money. documented at http://homebank.
what type it is. Using this, you can tool. We found that we could go free.fr/help/index.html. If you’re
get a detailed picture of how much from an exported file from the bank unsure where your salary goes at
you spend on what. to a detailed breakdown of the end of each month, then this is
You can take this simple method expenditure very quickly. the software for you.
further by assigning a budget to Finance software can sometimes
each category of expense, and then be intimidating, but HomeBank is
PROJECT WEBSITE
see how you’re performing with easy to use, even for people new to
http://homebank.free.fr
respect to these targets. You can finance. You don’t need to know
72 www.linuxvoice.com
� FOSSPICKS
FOSSPICKS Brain Relaxers
https://launchpad.net/pybik/
Ball balancing challenge
Neverball
U
sing the mouse or work with Gnome’s sandboxing
keyboard, you control the applications project. This project
tilt of a board. On that uses a group of nifty technologies
board is a ball, and you have to to package applications up in such
use the tilt to manoeuvre the ball a way that they are distro-
around various mazes, collecting independent, and can be limited in
coins as you go, until you reach how they interact with the system
the finish. It sounds simple, and in order to improve security. This is
in many ways it is. The enemy similar to how apps work on
here isn’t complex AI, or other Android. There’s a blog post by
players, but simple physics. The Alexander Larson about the
faster you move through the process of sandboxing NeverBall at
The 3D graphics are
maze, the more momentum the http://blogs.gnome.org/ indications are that it will make it
simple enough to run on
ball has, and the harder it is to alexl/2015/02/17/first-fully- most computers, but far easier to release software for
control. Slow and steady or fast sandboxed-linux-desktop-app. rich enough to provide Linux, and that’s got to be a good
and reckless – which is better? It’s early days for sandboxing on an immersive thing. In the mean time, you
We chose the latter option, but Linux (at least, non-Android Linux), experience. should also find Neverball as a
then here at Linux Voice Towers, so we can’t say for sure how well it regular package in your distro’s
we’re used to life on the edge. will end up, but we’re cautiously repositories.
This game doesn’t stand out optimistic about the potential for
only for its gameplay though. It’s more secure and portable (between PROJECT WEBSITE
http://neverball.org
also the first desktop Linux app to distributions) packaging. The early
Transport simulator
OpenTTD 1.5
O
penTTD is based on the curve gets a bit shallower, and it’s
classic 90s game easy to progress through the game
Transport Tycoon Delux. using more and more advanced
The aim is to build a thriving, transport options without resorting
transport business by connecting to the documentation too much.
a map with transport links, and OpenTTD contains a number of
plying the routes with vehicles. improvements including larger
The gameplay is a little maps, an online multiplayer mode
confusing to start with, so it’s and more advanced transport You can use land, sea and air to move cargo and people as
probably best to start with the options. These make the game far efficiently – and as cost-effectively – as you like.
tutorials at http://wiki.openttd. richer and allow enjoyment for
org/Tutorial, especially if you’re longer than the original. pixellated graphics will provide a
not familiar with the original Despite all the enhancements, welcome dose of nostalgia to
game. This will take you through OpenTTD is true to the spirit of the anyone who enjoyed PC gaming
building the infrastructure, buying original, both in gameplay and in in the 90s. Play it on a CRT
vehicles, and putting them to style. The isometric view and screen, put some Oasis or Blur on
work on routes. All this is needed the stereo and hunker down for
before you can start to make some retro fun.
money off your fledgling “OpenTTD’s improvements make
transport empire. Once you’ve
learned the basics, the learning
it far richer than the original.” PROJECT WEBSITE
www.openttd.org
www.linuxvoice.com 73
� SUBSCRIBE
SUBSCRIBE www.linuxvoice.com/us-subs
Get your regular dose
of Linux Voice, the
magazine that:
Gives 50% of its profits
back to Free Software
Licenses its content
SUBSCRIBE TO CC-BY-SA within 9 months
US/Canada subs prices
TODAY! 1-year print & digital: £95
12-month digital only: £38
Get 114 pages Access our Save money on
of tutorials, rapidly growing the shop price
features, interviews back-issues archive and get each issue
and reviews – all DRM-free and delivered to
every month ready to download your door
Payment is in Pounds Sterling. 12-month subscribers will receive 12 issues of Linux Voice a year. 7-month
subscribers will receive 7 issue of Linux Voice. If you are dissatisfied in any way you can write to us to cancel your
subscription at subscriptions@linuxvoice.com and we will refund you for all unmailed issues.
74 www.linuxvoice.com
� NEXT MONTH
NEXT MONTH IN
ON SALE EVEN MORE AWESOME!
THURSDAY
Larry Wall
30 APRIL As the creator of the
Perl programming
language, this man
practically wrote the
COMPLETE GUIDE TO
internet single-
CC BY-SA Klapi
handedly. Probe his
HACKING
mind and enjoy his
taste in shirts!
Lyx
If you like nicely
formatted scientific
documents (and who
doesn’t?) but don’t
want to bend your
brain learning Latex,
try its WYSIWYG
cousin, Lyx.
Raspberry Pi robots
ETHICAL HACKING* The first rule of robot
club is that robots
Learn how the bad guys work and use that should be cheap to
build and easy to
knowledge to protect yourself. Starring program – which is
Ben Everard and the Metasploit framework. why there are so
many kits powered by
*We know we promised this before, but it’s really happening this time. the Raspberry Pi…
LINUX VOICE IS BROUGHT TO YOU BY
Editor Graham Morrison Editorial consultant Nick Veitch through the use of advice in this magazine. Copyright Linux is a trademark of Linus
graham@linuxvoice.com nick@linuxvoice.com Experiment with Linux at your own risk! Torvalds, and is used with permission.
Deputy editor Andrew Gregory Distributed by Marketforce (UK) Ltd, Blue Anything in this magazine may not be
andrew@linuxvoice.com All code printed in this magazine is licensed Fin Building, 110 Southwark Street, London, reproduced without permission of the editor,
Technical editor Ben Everard under the GNU GPLv3 SE1 0SU until December 2015 when all content
ben@linuxvoice.com Tel: +44 (0) 20 3148 3300 (including our images) is re-licensed
Editor at large Mike Saunders Printed in the UK by CC-BY-SA.
mike@linuxvoice.com Acorn Web Offset Ltd Circulation Marketing by Intermedia Brand ©Linux Voice Ltd 2014
Creative director Stacey Black Marketing Ltd, registered office North Quay ISSN 2054-3778
stacey@linuxvoice.com Disclaimer We accept no liability for any House, Sutton Harbour, Plymouth PL4 0RA
loss of data or damage to your hardware Tel: 01737 852166 Subscribe: shop.linuxvoice.com
www.linuxvoice.com
�� TUTORIALS INTRO
TUTORIALS
Dip your toe into a pool full of Linux knowledge with nine
tutorials lovingly crafted to expand your Linux consciousness
In this issue…
78 80 84
Ben Everard
is combining all this issue’s tutorials into a
super project that will alter computing for ever.
Redshift Google Coder Vector Graphics
T
he standard iOS-alike interface Graham Morrison alters the Want to get started Marco Fioretti shows you
for smartphones is the same on colour balance of his screen with programming web how to make high quality,
almost every phone platform to keep his eyes fresh for technologies? Les Pounder scalable images that will
and hasn’t really changed in five years. long evenings spent playing introduces a programming make your website look
Back then, phone processors were computer games. tool from Google. great on any screen.
much less powerful and screens much
lower resolution. The problem is that
now, people are used to the way a
88 92 96
particular system works, and it will be
hard for Android or iOS to change. Most
of the newer phone OSes have aimed
for similarity rather than innovation. The
only company daring to think differently
on this front is Canonical, and I for one
applaud its efforts. Creating an entirely
new ecosystem is a risky strategy, but
x86 CPUs Share Trading Mail Server
then so is every attempt to enter the Ever wondered what goes With a bit of Java, you can John Lane keeps his data
mobile phone business. on inside your computer’s start a trading empire. secure by running his
I don’t think anyone can honestly brain? Valentine Sinitsyn Andrew Conway shows you own email server using
claim to be able to predict the future of takes you on a tour of your how to build a fortune on Roundcube and Cyrus. You
an industry as fickle as the mobile CPU to find out. the stock exchange. can too!
computing industry. My guess is that
the next few years will see an end to the
Android-iOS duopoly as several of the PROGRAMMING
new OSes gain traction. If this duopoly
is broken, the ability to run on multiple Fortran Packaging ASM
platforms will become an important 100 This language dates back to 104 So, you’ve created some 106 In part three of this series,
feature in apps. If customers start the 1950s, but it’s still with wonderful code that will Mike Saunders reveals his
use today. This long heritage transform the future of humanity. sadistic side and starts
demanding this, app vendors will
makes it the perfect subject for That’s great, but how do you get it programming without the
comply and it’ll become easier to run our first look back at the history of out to the world? In this article we advantages of even an operating
whatever OS you want, and not be tied programming languages. Join us look at Python’s options for system. Here, you’ll learn how to
into a particlar platform’s software. If as we dust off the history books sharing code through modules and use just the BIOS and assembly
this happens, Canonical’s risky move and head back into a world before packages, and how to make the language to power his programs.
syntax highlighting, code most of them to get your code out Only the truly geeky should risk
might just pay off.
completion and Stack Overflow. to a wide audience. following this path.
ben@linuxvoice.com
www.linuxvoice.com 77
� TUTORIAL REDSHIFT
EASE EYE STRAIN AND SLEEP
TUTORIAL
EASIER WITH REDSHIFT
Dynamically adjust the whiteness of your screen to reduce eye
GRAHAM MORRISON
fatigue
T
oo many of us work late into the night staring
WHY DO THIS?
at a screen. And while the best solution is
• Sleep better.
always going to be to work less, if you haven’t
• See better.
got that luxury Free Software can offer you the next
• It’s an excuse to revel
best solution – a tool that adjusts the whiteness of
in the brilliance of Lord
Kelvin. your screen as day turns into evening and evening
turns into night.
Not only will this reduce the fatigue on your eyes, it
also helps reduce the stress on your precious
neurons, helping tell your brain it’s not really midday
but nearly time for bed. If that last sentence sounds
more like alternative therapy, all we can suggest is Redshift changes the white balance of your screen so that
that you try it for yourself, because it’s brilliant. it’s easier on your eyes.
Step by step: Grab and configure Redshift
1
What Redshift does 2
Install redshift
Redshift is an open source tool that dynamically This may sound like Redshift is reducing the overall
adjusts the white balance of your display over time. If quality of your display but all it’s really doing is
you’re a photographer, you’ll already know what white adjusting the white balance so that white now looks
balance is – it’s the process of adjusting the colour like it’s lit by the sun at the current time and date and
balance of a photo to ensure white is as neutral as also geographical location, or if it’s dark, the sun is
possible, because the way white appears changes replaced by lamp light. This is both easier on your
under different lighting situations. You don’t notice eyes and helps trick your brain into preparing itself for
these changes because the brain automatically the appropriate time of the day.
compensates for lighting conditions. It will keep on Redshift has become popular enough to have
telling you something is white whether it’s lit by the spawned several side-projects. It is itself the open
midday sun or by a late evening sunset. source equivalent of a proprietary utility called
It’s only when you take a photo and look at that f.lux, and you’ll need to avoid these when installing
image under different lighting conditions that you these from your distribution’s package manager.
might notice. Photographers take something they We’re going to stick with the simple redshift
know is white from the photo and adjust the entire package to get things started and to explain
colour balance until it is. Redshift does the opposite, some of its options; you can then go back and
changing the colour balance of your screen as if it explore some of the alternatives if you like what
were lit from a different source. it does.
78 www.linuxvoice.com
� REDSHIFT TUTORIAL
3
Colour temperature 4
Geolocation
With Redshift installed, execute it from the command- Without any arguments, running redshift will attempt
line by typing redshift -O 3000. The 3000 is using a to detect your geographical location automatically
unit of measurement for temperature called Kelvin, using GeoClue, a D-BUS service that uses your
also used for white balance and colour temperature network connections to determine your location
within screens, because black bodies (originally locally. This is so it can adjust the colour temperature
carbon in William Kelvin’s experiments) emitting heat against the respective location of the sun at our
at around 3,000 K look orange, whilst those of around latitude and longitude. After detecting your location,
8,000 K look blue (as shown in the image – the black your screen’s colour temperature will adjust gradually
line is the change in colour as K increases). A neutral moving between 3500 K for night and 6500 K in the
colour is considered to have a Kelvin value of 6500, day. If you add the -v option you can see how Redshift
and a candle burns at around 1900 K. is changing, but after the initial transition, changes
should happen so gradually that they’re not
noticeable, so it’s only when you really do look at 6500
K light, such as a backlit keyboard or white LED, you’ll
realise your eyes and brain had adjusted to the new
status quo.
5
Customise Kelvin and brightness levels 6
Use a GUI
If GeoClue has any difficulty finding your location, you Even though Redshift runs perfectly from the
can manually enter your latitude and longitude by command line, and we’d recommend launching it and
using the -l LAT:LONG argument. There are lots of forgetting about it, there are numerous interfaces to
online services that will take a postcode and turn it its various functions. These can give you better
into your location. Another important option is the control over the colours it produces and the times it
ability to change the colour temperatures your screen produces them. Redshift-gtk, for example, adds an
is going to shift between. This uses the argument -t, applet widget to remind you it’s running. Another
and we prefer a more extreme night value of 2800 K, option is Redshift-gui. This gives you a graphical
which you can pass to Redshift with redshift -v -t indication of the sun’s position, lets you set a location,
6500:2800. It’s worth looking up the Kelvin values for and fine-tune colour temperatures and transition
other kinds of lighting. Another additional argument is speed – basically all the options you get from the
brightness adjustment. This isn’t the same as command line, only from the convenience of your
hardware brightness, and won’t really extend your mouse. And whatever option you choose, typing
battery life, but it gives you more granular control over redshift -x will always reset your screen to its default
your screen in low light. The argument for this is -b values. Redshift is one of the best utilities we’ve ever
DAY:NIGHT, where day and night are values between used. When you turn it off and look at real white again,
1.0 and 0.1. you can’t believe your eyes.
www.linuxvoice.com 79
� TUTORIAL GOOGLE CODER
HTML, CSS AND JAVASCRIPT
TUTORIAL
ON THE RASPBERRY PI
Turn your Raspberry Pi into fully fledged web development
LES POUNDER
environment with a little help from Google Coder.
W
hen we think of the Raspberry Pi we
WHY DO THIS?
instantly think of great projects using
• The internet extends Python, Scratch and Sonic Pi. But there are
into every facet of our
lives and learning how a also many other languages that can be used with the
web page is constructed credit-card sized computer. Three of these languages
is a great skill for are HTML, CSS and JavaScript, which together provide
children to learn. In
this tutorial we will a powerful framework for creating web content.
use free software from HTML Hyper Text Markup Language is the most From the Coder main menu you can access the settings
Google called Coder to common language used to create web pages. It menu via the cog icon in the top-right of the screen.
learn HTML, CSS and
JavaScript. uses a series of 'tags' that identify elements on a
page, for example a title, image or video. HTML is copy the contents on the image file to a blank SD
not a programming language – it's more of a card. In this tutorial we're using Linux Mint 17, but if
TOOLS REQUIRED content/markup language. you are using a Windows or Apple computer, follow
• A Raspberry Pi. CSS Cascading Style Sheets are used to change the the instructions at http://googlecreativelab.github.
• Ethernet or Wi-Fi. look and feel of a web page. A whole site can be io/coder. The dd command is not to be used lightly,
• A computer on the linked to just one stylesheet. as it has the capacity to cause damage if used
same network as the JavaScript is a programming language that has incorrectly. The dd command works as follows:
Raspberry Pi. matured with use on the internet. It can be used to sudo dd if=/location of image of=/location of SD card bs=4M
link HTML forms to MySQL databases or used with Firstly you will notice that dd is preceded by the
a microcontroller to power hardware projects such sudo command – this is a safety precaution requiring
as the Espruino Pico board. you to enter your root password.
Thanks to the cost-effective Raspberry Pi we can if refers to the input file, which in our case is the
easily create a web development suite using a Linux raspi.img file. of refers to the device that will receive
distribution created by a team of Google employees, the stream of data, which is typically /dev/name of
this project is called Coder. Coder is an open source SD card. Lastly bs refers to the block size, used to
operating system that creates a suite of tools to edit copy a certain amount of data in one block, in this
HTML, CSS and JavaScript in your web browser. case 4MB.
Using Coder you can easily create web apps that are So we know the location of the raspi.img file, but
hosted on your Raspberry Pi. where is our SD card? To find out, insert a blank SD
card of greater than 4GB in size into your computer. In
Getting started the terminal type in the command:
Installing Google Coder requires downloading a zip mount
archive from http://googlecreativelab.github.io/ You will now see a list of all the hard drives, USB
coder/#download which contains raspi.img, an flash disks and SD cards inserted into your computer.
image of a full operating system which is to be copied One of those will correspond to your SD card – in our
to an SD card. Extract the archive to a suitable case it was /dev/mmcblk0, which is what we need for
location, and then open a terminal and navigate to the the dd command. So repeat the above dd command
location of raspi.img: and substitute the if and of values for your locations.
cd /home/les/Downloads This command may take some time to complete, so
We are going to be using a command called dd to now is a great time to get a cup of tea.
With the image copied to your SD card, unmount
the card, and when prompted remove the card
When connecting to Coder from your computer. Now insert the card into your
your browser will warn
Raspberry Pi, and then insert an Ethernet cable,
you that the connection is
connected to your router, and finally insert the power
untrusted; normally this
is good advice, but for adaptor and power up your Raspberry Pi.
Google Coder we can trust With our Raspberry Pi booted we now have an
the connection, so click on effective web development environment for less
Advanced to progress. than £30, but now we need to access it. On our Linux
80 www.linuxvoice.com
� GOOGLE CODER TUTORIAL
Great resources
Google Coder is a great way to learn web elements and their compatibility across the
development. It comes with a great suite of many browsers and platforms that exist.
tools to enable you, but if you need a little If you're just taking your first steps
theory to help you understand the practice with web development then there are two
then there are plenty of great resources for essential resources provided by Mozilla.
your classes. W3Schools (www.w3schools. X-Ray Goggles, (https://goggles.webmaker.
After you've created a strong password, Google Coder will com) is a fantastic online resource that org) is a JavaScript tool that enables anyone
ask you to log in using that password. covers many aspects of web development to peek at the code that makes up web
such as HTML, CSS, JavaScript and also pages. You can even change the content on
Mint computer we opened the Google Chrome web more advanced topics such as SQL, PHP the page for use in class – try changing the
browser and navigated to: and JQuery. All of the languages have a headlines of a news website, for example.
steady and interactive stream of lessons Another great resource from Mozilla is
http://coder.local
with working examples for you to review and Thimble (https://thimble.webmaker.org/en-
When connecting to Google Coder for the first time, inspect, line by line. In class this is a great US) which is an HTML editor in your browser.
you'll be prompted to create a secure password made resource for self learning. While not as feature rich as Google Coder,
up of letters and numbers. On the next screen, enter The site also provides an excellent series Thimble is a step up from using a text editor
your new password and click on Let’s Code. of references for each of the languages, on a computer and works with most modern
including HTML and HTML 5, highlighting web browsers.
Once logged in to Coder, you will see a short
introduction to the user interface. The green box
enables you to create a new application, and the other </head>
coloured blocks are pre-made applications that can be
explored. In the top-right of the screen is the Google <body>
Coder settings menu. <h1>Hello World</h1>
<p>Your html goes here.</p>
Our project </body>
We're going to create a simple website to learn more </html>
about HTML, CSS and JavaScript. And of course we So here we have a selection of elements. We start
are going to use the Raspberry Pi 2, the latest model with <html>, which instructs the browser that we have
from the Raspberry Pi Foundation, as our subject. written an HTML document. Next we have <head>,
To create a new project, click on the green box, and which performs the tasks that happen behind the
you will be prompted to name your project. You can scenes, such as loading JavaScript and linking to
also select the colour of the box; we chose a fetching CSS documents. After the head we have <body>,
Raspberry colour. Choose a colour and then click on which contains the elements that will be visible in
Create to continue. our project. In this case we use <h1> to create a large
We are now taken to our web application, and we headline that says “Hello World”. For all of the tags, we
can see many tabs at the top of the screen, the first of must open them and then remember to close them
which is HTML. We can see that there is already some correctly, for example <html> is closed by </html>.
code in there; leave it there for now. In the CSS and You may have noticed <div> tags dotted around the
JS (JavaScript) tabs we can also see example code code. These are tags that divide the HTML page into
which for the time being can be left as is. sections; you can see one called pagecontent that
The next few tabs are identified via icons, the first contains all of the elements in the document. Later on
of which is a folder icon. This is the media menu and we'll create our own to contain part of our page.
Google Coder will display
we can use it to import pictures, files, videos and Now that we understand a little HTML, let's start
a great navigation tutorial
audio into our projects. The next icon is an eye, which building our website. We will start by editing the code when you first login - take
enables you to have a split screen preview of your that is in the body of the HTML document. You can your time to read what it
work in code and the finished results. Our final icon see the <h1> tags. Change the contents to: says as it provides lots of
is a gear, which denotes that it controls the settings <h1>The Raspberry Pi Computer</h1> useful information.
for our project – we can rename, add an author and
change the colour of the project for the main menu.
HTML
HTML is not a programming language; it's a markup
language used to position elements on a page. It does
have its own syntax, and elements are constructed
inside of tags that are encapsulated in “<..>” brackets.
An HTML document is constructed like this:
<html>
<head>
<!--In the head we store links to external resources such as
JavaScript and CSS.-->
www.linuxvoice.com 81
� TUTORIAL GOOGLE CODER
When you first create an
application, it will create a
default HTML framework
for you to work inside of.
The basic CSS template is sparse but ready for you to edit
and make your own.
<li>1GB or DDR2 RAM running at 450Mhz</li>
<li>4x USB 2 Ports</li>
<li>1x 10/100 Fast Ethernet</li>
On the next line we have <hr />. This creates a </ul>
horizontal line on the page, but this tag is different as Our next element is a rather lovely picture of the
it does not have a closing tag, rather it is a self closing new Raspberry Pi 2, and to display it we need to use
tag, denoted by the / in the brackets. the <img> tag. Type in:
Our next line of code is a <div> element, and this <img src=”
one has the class (a method to identify it in the and then use the media icon in the top-right of the
document) of pi. This new <div> will create a section screen, upload an image to Coder and then paste the
of the page that is separate from the main body link just after src. The image is rather large, so I used
of the document. Inside the <div> we will create a the “width=50%” option to reduce its size. The original
smaller headline, which asks the question “What is the image still retains its dimensions and file size no
Raspberry Pi?” matter what size is displayed in the document. Finally
<div class="pi"> you will notice the alt tag, which is alternative text
<h2>What is the Raspberry Pi?</h2> used to describe the picture for browsers that do not
Again we use another <hr /> tag to create a support images, such as Lynx:
horizontal line to divide our headline from the main <img src="/static/apps/raspberry_pi/media/Pi2ModB1GB_-
text. Creating paragraph text, as in the main body of comp.jpeg" width=50% alt="The Raspberry Pi 2 is a powerful
text, is achieved using <p> tags: single board computer" />
<hr /> We now close the pi div using </div>.
<p>The Raspberry Pi 2 is a powerful single board Our last line of HTML is a simple button, which we
computer from the Raspberry Pi foundation.</p> will make interactive using JavaScript:
<p>It comes with</p> <button>Where can I learn more about the Raspberry Pi?</
HTML can display many different styles of data and button>
one of the simplest styles is a list with bullet points. In
this project we will use an unordered list to generate Cascading stye sheets
bullets, but you could use an ordered list to create a We now move on to the CSS tab. CSS is a powerful
numbered list. layout and customisation language that enables a
To start a list we first use the <ul> tag to say that we plain HTML page to be transformed into a responsive
are creating an unordered list. Then for every item in and beautiful page. CSS is a wonderful tool – it
the list we create a <li> tag (list item) that includes the enables even the most basic and plain page to
text for that item. Each item in the list will need </li> become a stylish experience.
in order to be closed correctly. Lastly we close the list
using </ul>:
<ul>
<li>BCM2836 System On A Chip (SoC) consisting of
ARM7 quad core CPU running at 900Mhz per core.</li>
Exporting your application is achieved by clicking on the
'cog' icon from inside your app. From there you can see
JavaScript is a great language to learn, and Google Coder an arrow in the bottom right, click there to download the
enables you to test out your projects. project to your computer.
82 www.linuxvoice.com
� GOOGLE CODER TUTORIAL
To import a project into
your Google Coder, click
on the green block on the
main menu and click on
the arrow to open a menu.
Inside your application you can see a preview of how it
will look by clicking on the 'eye' icon – this opens a split- Our last section of CSS controls the pi div that we
screen preview of your code and the app. created in HTML. To select a div in CSS we must add
a full stop before the div name, which constitutes
CSS has the following syntax: the selector for this element. Our first change is to
selector { change the font for this div – we used font-family to
property: value; advise CSS which fonts it should try. If a font is not
} available then the next font in the list is used. Next we
We can select individual elements on a page using change the text colour to grey. Our last three lines of
the “selector”; we then say what we would like to CSS control the width of the div, in this case 50% of
change about the element and then enter the value. the relative screen size, and to centralise the content
Here's all the CSS for our page: we set the margins for left and right to be automatic,
.pagecontent { giving us a pleasing central column of content.
padding: 24px;
background-color: white; JavaScript – where the magic happens
} Now we come to the JavaScript that controls the
h1 { button we created in HTML earlier. The button is a
color: rgb(0,0,0); method of input, and now we must create an action to
font-family: 'Ubuntu', sans-serif; happen when it has been pressed. Our JavaScript
text-shadow: 5px 5px 5px #ff0000; code to enable the button looks like this:
} $(document).ready(function() {
.pi { $( 'button' ).click( function() {
font-family: arial, verdana; alert('To learn more about the Raspberry Pi, pick up a copy
color:grey; of Linux Voice');
width: 50%; });
margin-left: auto; });
margin-right: auto; We start with our first line, which connects our
} JavaScript code to the HTML document that we
Our first section of CSS controls the pagecontent wish to work with. We need to do this before we can
– it sets the padding of elements and the background proceed any further. We now move on to the second
colour to white. Colours can be input as names, hex or line of code, which creates the functionality for our
RGB values. The next section, h1, controls the largest button. We have our button placed on the web page
headline. We're using an RGB value of 0,0,0, which is and we instruct the code to look for an event, in this
black. To make our title look more snazzy we will use case when the button is clicked. When clicked, the
a text shadow effect to give it a red glow, which this event triggers the next line of code to be executed.
time is written as a hex value #ff0000. We trigger a pop-up dialog box to be displayed on the
screen. This is called an alert, as they are generally
used to alert the user to an issue, for example alerting
Code for this project
the user to an incorrect password.
You can find the complete code for this project at our You will notice that the first two lines of JavaScript
Github repository https://github.com/lesp/LinuxVoice- mention functions; these are actions that are called
Issue-14-GoogleCoder. Those of you unfamiliar with Git when an event occurs, for example the button click,
can download the complete package as a Zip file from
this is given the name “callback”.
https://github.com/lesp/LinuxVoice-Issue-14-GoogleCoder/
blob/master/raspberry_pi.zip Congratulations, you have created a simple web
You can easily import the project into Google Coder page using HTML, styled the content using CSS and
by clicking on the green new app block in the top-left of added interactivity using JavaScript.
the main screen. You will see an up arrow; click there and
navigate to the downloaded file. Select the Zip file and the
Les Pounder divides his time between tinkering with
project will be uploaded to your Raspberry Pi and instantly hardware and travelling the United Kingdom training teachers
opened ready for you to edit. in the new IT curriculum.
www.linuxvoice.com 83
� TUTORIAL VECTOR GRAPHICS
VECTOR GRAPHICS ON THE
TUTORIAL
WEB, FOR THE WEB
Scalable Vector Graphics are here, and they aren’t going away – so
MARCO FIORETTI
learn how they work with an excellent Free Software tool.
V
ector graphics are digital images that “photographs”: this includes charts, diagrams, logos,
WHY DO THIS? computers render by executing drawing comic-like illustrations and most clip art. Vector
• Discover a simple, statements, instead of just copying huge graphic files are lists of textual instructions like “let’s
multiplatform graphic arrays of coloured pixels to the screen. The second have a blue five-pointed star on a red background, in
editor that is a great method, called “raster” graphics, is the one used by the right half of the image, with a height 80% of the
self-training tool.
traditional image formats like GIF, JPEG and PNG. The total height”.
• Learn a graphic format
that is finally ready to first part of this tutorial explains how vector graphics See the trick? A set of descriptions like that couldn’t
take over the web. work and what their advantages are. The second care less about the size and form factor of the screen:
• Add images to your presents a basic, but ubiquitous open source editor to if executed properly, it will always produce a 100%
website that will look produce and study these graphics. sharp image, everywhere. Want 100 stars instead of
great at any size.
So what are vector graphics anyway? Have you ever one? Just repeat that one command 100 times. And
considered how JPEG digital photographs work? you get all this from a tiny file that only contains plain
Apart from metadata like timestamps and author text, which can be generated by software.
names, such files just contain an ordered list of all the Vector graphics were already great for non-
points (pixels) that compose the picture, each photographic images on the web when they first
complete with its colour and coordinates. This appeared, more than a decade ago. The arrival of
structure is simple and has one big advantage but HTML 5, even on mobile terminals, has made them
even bigger drawbacks. When you use pixels, you can even more interesting. The reason is that HTML 5
describe any image, from portraits and charts to pages and applications can directly embed vector
tropical landscapes, with as much detail as you want. graphics inside themselves (it’s all text, remember?)
To add more detail, just add more pixels. and also quickly manipulate them in real time, reacting
Of course, since compression can’t do much on to user input, with JavaScript.
images without regular patterns, this greatly increases
the file size, which is really bad in this wireless age of Your first vector graphics editor: SVG-edit
often slow connections. Besides, no matter how many The only format we need to care about in this tutorial
pixels a raster image contains, they are never enough is called SVG, that is Scalable Vector Graphics. While
to avoid deformations when the image is zoomed, or the undisputed king of SVG design with free software
displayed on screens with different form factors. is Inkscape, here we present another editor, called
Vector graphics completely avoid these problems SVG-edit (https://code.google.com/p/svg-edit).
for all images that are drawings rather than We are doing this because we feel that SVG-edit is a
better application for beginners to learn about vector
graphics, and also flexible and “web-ready” in ways
that Inkscape cannot match.
SVG-edit has far fewer buttons and menus than
Inkscape, but still enough to do useful work. You can
quickly practice all the essential operations without
getting confused by too many options. At the same
time, since the user interface has the same general
structure as Inkscape, it will prepare you to use it.
From a technical point of view, SVG-edit is a mix of
HTML pages and JavaScript code that runs in any
modern browser. There’s nothing to install; just load
The first thing to do the web page that contains the stable version at
in SVG-edit: study its
http://svg-edit.googlecode.com/svn/branches/
simple (but important)
stable/editor/svg-editor.html.
preferences panel and
test it until you find the To begin with, it is very easy to embed SVG-edit in
combination that works for your own website with one line of HTML code like this:
you, because it can greatly <iframe src=”http://svg-edit.googlecode.com/svn/branches/
impact usability. stable/editor/svg-editor.html” width=”750” height=”600”/>
84 www.linuxvoice.com
� VECTOR GRAPHICS TUTORIAL
You can use SVG-edit without internet access. Just
download the current version from https://code.
google.com/p/svg-edit/downloads/list, install it on
your local network, and all your relatives, students or
colleagues will be able to use it, as long as you also
made a local copy of the JavaScript libraries that
SVG-edit needs, and patched its source code to point
to them.
This simple, more or less self-contained
architecture also makes it easy to integrate SVG-edit in
desktop applications. The most popular example is
the HTML editor BlueGriffon, which uses SVG-edit for
vector graphics design.
Let’s draw with SVG-edit
Being an in-browser application, SVG-edit is slower
than a real desktop application. Keyboard shortcuts
for certain functions will be available only if your
browser hasn’t already mapped them to some of its
own functions, and some combinations of size, shape
and zoom level of the browser window in which
SVG-edit runs may make some buttons in the top bar
overlap. You may, however, change the size of all the
This is what SVG-edit looks
icons in the program configuration panel, accessible Finally, the right-hand side hides the menus for layer
like while you work. Notice
from the top-left main menu. management, which we will cover in a moment.
the context-sensitive top
The first time you start this program, it will ask you It is possible to load SVG graphics, or include raster toolbar, the many handles
if you want to store preferences and SVG content on images, in the current canvas. Saving your work in available to move an
your computer. Accepting is, of course, the only way either SVG or PNG format is also possible, but works a object and the available
to not restart from scratch every time. bit differently than in native desktop applications. gradients.
The user interface of SVG-edit is relatively simple. When you tell it to save or convert the content of the
The central drawing area (the canvas) is framed by an canvas, SVG-edit will open it in a new tab of the
edge that hosts one set of functions per side. browser. You will have to save the content of that tab, PRO TIP
At the top there is the main menu, with some as one file with a .svg or .png extension, by yourself. Plan and configure your
“always-on” buttons and a context-sensitive toolbar. layers carefully! The
better they match the
Two of the constant buttons are for Undo and Redo; Basic operations conceptual structure of
there’s one to edit the XML source, and another two to In vector graphics, simple geometric objects are the complete graphic, the
show or hide the drawing grid and the wireframe defined by their formulas and/or core properties such easier it will be to draw or
update it!
structure of the graphics. as radius and centre position for a circle, number of
The bottom area is mainly devoted to colour points for a star and so on. To create such objects,
management. The buttons for all the main tools click on the corresponding button on the left, then
(cursor, pen, shape library, insertion of text or circles, check the drawing parameters that will appear in the
rectangles and other geometric figures) sit on the left top bar. If you don’t like their default values (for
side. Since they are quite intuitive, and equipped with example if you want a star with 10 points instead of
tooltips, we won’t spend much time describing them. 5), change them as you wish, then drag the cursor on
The power of scalable vector graphics for the web
Version 1.0 of the SVG standard was published in 2001, but place a long, complex explanation exactly where you want in
remained largely ignored for years. The reason is simple: there a graphic, and they will still be recognised as food for their
were very few applications that could create such files, and indexes by Google and friends.
even fewer browser plugins to display them. This situation At another level, when combined with CSS (Cascading Style
only started to change in 2008, when Firefox and Safari gained Sheets), SVG can give websites backgrounds and decorations
native SVG support. that look consistent at any resolution and with any kind of
Today, SVG isn’t yet fully supported as well as a 14-year-old screen, because they can be redrawn on the fly.
open standard really should be. However, it is already usable The last SVG cool technique we suggest that you learn,
for a bunch of very cool and useful applications. after you have mastered the basics, is sprites: single files
What happens when, thanks to SVG, all the text inside that contain many independent graphic elements, formatted
all the graphic elements of a web page is actual plain text, in a way that a browser can easily extract and use each of
instead of bunches of pixels? Easy: search engines can them separately. Sprites can make the rendering of complex
finally analyse that text too, without errors and with the same web pages much faster, and can be used to create simple
accuracy as they already do with the page content. You can animations.
www.linuxvoice.com 85
� TUTORIAL VECTOR GRAPHICS
Layers are essential in group of objects can be bundled to form a composite
a vector graphic editor, object. The button that groups all the selected objects
to avoid errors and work is the one with the two overlapping rectangles.
faster, without losing track
of some object. Remember Layers
to name your layers Using layers in vector graphics is a must, in at least
properly!
two very common cases. One includes all the times
you end up with so many objects that having them all
as one bundle makes it hard to see or select the one
you want to edit in any given moment. Defining more
layers, and placing only a few objects in each of them
makes you work faster, and is also safer, because only
the objects in the current active layer are editable.
The other reason to use layers is when you need
animated images, or images in which some group of
elements cover other groups only partially.
When you drag the “Layers” vertical label on the left,
SVG-edit opens the Layers Management boxes shown
left. As with the rest of the interface, the buttons here
are simple: they create, delete, name or reorder layers
as you wish. One bit of advice: always use the naming
function to give all your layers descriptive names. You
and any other future editor of your graphics will be
grateful. If you need to change the way in which
several objects inside the same layer overlap, just
select the one you want to place on top (or bottom)
and click on the stacking buttons in the top toolbar.
Paths and path editing
PRO TIP Sometimes there is no combination of straight lines
Path editing is an SVG and geometric shapes that will exactly draw the
operation that is a little the canvas, to define the area where you want them to object you want. The solution to this problem is to
obscure, but worth
appear. SVG-edit will do the rest. convert lines to paths, or draw them from scratch.
practicing. Moving the
nodes of a path or linking Depending on the version you use, and on how you Paths are combinations of short elementary
them to smooth it can configured it, SVG-edit may also offer some ready-to- segments that can be either straight, or sections of
be boring, but produces
use vector clip art when you click on the library button. regular curves expressed by mathematical functions.
beautiful lines that seem
drawn by hand. Text? In SVG-edit it’s just another object. Click on the Paths can be built and edited in several ways. You can
“A” button, change the default face, size and so on in draw freehand and then convert the result to a path,
the top toolbar if necessary, then place the cursor for example. The curved segments of a path may be
where needed, and type. modified by dragging their constituent nodes.
Once you have created objects, you can associate When you click on the Path tool in SVG-edit, the top
hyperlinks to them. You can also move and resize toolbar will add fields to change the coordinates of
objects as you want just by dragging the whole box
that appears around them when they are selected, or What to read next
any of its corners. The main handle on the top of that
box is used to rotate the object. If turning that handle The best sources to learn the insides of SVG and
isn’t precise enough for you, type the rotation angle understand its full potential are, in our humble opinion,
you want in the top toolbar. If your goal is relative one website and one book. The website is the SVG home
page (www.w3.org/Graphics/SVG), which hosts the official
alignment of objects to one another, use the
specification and other useful material. The book is SVG
alignment menu on the right of the top toolbar. Essentials, Second Edition, by JD Eisenberg & A Bellamy-
The stamp button is used to clone (only one clone Royds, published by O’Reilly, 2014.
per click, unfortunately) the current object. To move If you want to extend or customise SVG-edit, go to the
an object from one layer to another, select it and then official wiki (https://code.google.com/p/svg-edit/wiki)
and read the pages titled “Extension Docs” and “Config
choose “Move Elements To” in the Layers panel.
Options”. The first has a simple, but complete example
There are two ways to do it: the lens on the left of how to write an extension. The second lists plenty of
enlarges whatever was selected until it fills the whole options to make the program work just like you want.
canvas. The “zoom level” menu at the bottom enables Finally, there’s one application of SVG for the web that
you to zoom in (or out) in more gradual steps. we haven’t covered here but that deserves a whole tutorial:
embedding interactive, spreadsheet-like charts in web
Please note that we have used the term “object” in
pages. Visit http://pygal.org to see what we mean.
the most possible generic sense here. In fact, any
86 www.linuxvoice.com
� VECTOR GRAPHICS TUTORIAL
each “node”, which is a junction of elementary Under the hood, all SVG
segments. Another path operator that deserves graphics are plain text like
explanation is the one for “linking control points”: this this, that you can easily
expression indicates the modification of two study or tweak with any
segments that connect at the same node (the control editor – check for yourself.
point) in such a way that they both have the same
tangent in that point. The practical effect of this
operation is to make that part of the overall path look
smooth, without apices or other discontinuities.
Colours and gradients
Colour assignment in SVG-edit works pretty much like
in any other basic graphic editor. You can define the fill
colour and the border colour of each object from a
predefined palette, or by typing a valid HSB or RGB
value in the associated input box. To make this
change, you must click on the bucket icon first; the
eye dropper button changes both the active filling and
line (stroke) colours of the current object(s).
The funkiest colour-related functions of SVG-edit are
the ones that”mess” with colours: you can fill an teach you more about vector graphics than
object with a pattern varying between two colours, thousands of mouse clicks.
from one extreme to the other (linear gradient) or from Is it possible to extend the functionality of SVG-edit?
centre to borders (radial gradient). The panels to do Yes, of course. You can add buttons made of SVG
this open when you click on the bucket icon at the graphics to the left or top toolbars of SVG-edit, and
bottom of the screen. The Gaussian Blur input box on bind them to generic JavaScript code, saved in the
the top, instead, applies a user-configurable Gaussian SVG-edit sources, or (much better) in a separate file.
blur to an object, which is Math lingo for “make this
object look as if we were seeing it through thick fog”. Advanced configuration PRO TIP
An extension saved in a single JavaScript file, placed Never forget to have a
Use the source! in the extensions subfolder of the SVG-edit installation, look at the SVG source
code of every graphic you
The great power of SVG graphics is accessible from will be loaded if you add the name of that file to the
create. With tools like
the Show Source button of the main SVG-edit toolbar: URL of the editor, as in this example: SVG-edit, or any decent
you can see and edit, or just copy and paste in other http://example.com/my-svg-edit/svg-editor. text editor, it is very easy,
and worth the time you
editors, the whole source code of the current drawing. html?extensions=my-extension.js
spend on it.
We strongly suggest that you use this feature to look Calling SVG-edit in this way is extremely simple.
inside every SVG graphic you draw by yourself, or find However, it disables all the other extensions that the
online. Even if you are 200% sure that you will never program may have otherwise loaded. Depending on
want or need to edit SVG sources by hand in your your needs, this may be a bonus or something to
whole life, looking at that code (which is verbose, but avoid at all costs. Luckily, there is a way to load only
much easier to understand than you may think) will the extensions you want out of those placed in the
extensions subfolder of SVG-edit: list them in the array
of the same name that is defined in the source file
called svgedit.compiled.js.
Other options, like the default size and background
colour of the canvas, can be set in two ways. You can
add all of them to the URL:
http://example.com/my-svg-edit/svg-editor.html?dimensions=8
00,600&&initFill[color]=FF0000
or write them in a file called config.js, in the root folder
of SVG-edit, inside a JavaScript hash called setConfig:
svgEditor.setConfig({
dimensions: [800, 600],
initFill: {
color: ‘FF0000’
}
});
Object groups, crisp lines, rotated text… here’s an example Marco Fioretti is a Free Software and open data campaigner
who has evangelised FOSS all over the world.
of some of the functions of SVG-edit.
www.linuxvoice.com 87
� TUTORIAL X86
HOW YOUR COMPUTER WORKS:
TUTORIAL
INSIDE AN X86 CHIP
You press a switch, and Linux starts booting. What’s going on
VALENTINE SINITSYN
under the hood in the meantime? Let us explain.
L
inux has a long-established reputation of being sharing some resources, like caches. From a
WHY DO THIS? the operating system for hackers. It became programmer’s viewpoint, multicore and
• Understand why Linux unnecessary to know what happens behind the multiprocessor don’t differ too much, and in this
works the way it does curtains of major desktop distributions a while ago, tutorial, we’ll use both terms interchangeably.
• Troubleshoot occasional but it is still beneficial to understand how computers Processor instructions are rather low-level: you can
problems better really work. Being able to decipher cryptic error load and store bytes of memory, do basic maths,
• Earn yourself some geek messages means you can diagnose Linux problems jump unconditionally (like goto) or conditionally (like
points
(let’s face it – this happens from time to time) much if-else), and maybe calculate CRC32 checksums or
more quickly. It is also fun and not really difficult if you do AES encryption, if your CPU provides these
have some programming background. extensions. However, there are no higher-level
We often hear that Linux is ideal for education, as it functions, like “convert integer to string”. Some CPUs
doesn’t attempt to hide the inner workings from (like x86) can access memory directly, while others
anyone curious enough to look at them. Let’s take this (ARM) operate on registers.
one step further and learn something from our Registers also store the processor’s state, and
favourite OS. So, brew yourself a cup (or glass) of carefully saving and restoring them is how Linux
whatever you prefer, and let’s get started. switches tasks (threads or processes).
An x86 CPU can operate in different modes.
A bird’s eye view Sometimes, programs are granted access to the
Although your computer is undoubtedly a very whole memory, and no address translation is
sophisticated device, the operations it performs are (in performed. This is known as ‘real’ mode, and is used
essence) quite simple. The Central Processing Unit, or during the boot phase or in older operating systems
CPU, continuously samples program instructions like MS-DOS. Other times, the CPU may check
from memory and executes them on data that also memory access rights and prevent one program from
comes from RAM. Most modern computers (and touching another. This is called ‘protected mode’,
even smartphones) have multicore CPUs, which are and it’s often combined with paging, or address
essentially multiple processors on the same die translation, to produce the paged protected mode that
Linux (and other major OSes) run in.
Finally, most modern CPUs are 64-bit, but can run
in either 32-bit ‘compatibility’ or 64-bit mode (the ‘long
mode’ term refers to both). The memory address and
register size are determined by whether the processor
is 32- or 64-bit; 64-bit CPUs can address more
memory and handle data in larger chunks, which
usually means better performance.
Add-ons
Computers also have peripheral devices, like video
cards or network adapters. Nowadays, they are often
built-in and not separate extension cards, but for our
discussion, it doesn’t really matter. To communicate
with these devices, programs running on the CPU use
Even the high-end x86 I/O ports or memory-mapped registers (MMIO). MMIO
computer you may have
is memory range that is accessed like the rest of RAM,
on the table today follows
but resides on the device rather than in a DRAM bank.
the architecture John von
Neumann described back If a device needs CPU attention, it sends an interrupt,
in 1945. which can be as simple as putting a selected wire
Provided by LANL, public domain voltage to low or high, or as sophisticated as a special
(see http://commons.wikimedia.
org/wiki/File:JohnvonNeumann-
type of message within the PCI bus. Either way, this
LosAlamos.gif signal ends at the local APIC, or Advanced
88 www.linuxvoice.com
� X86 TUTORIAL
Programmable Interrupt Controller. It’s integrated with Most modern CPUs are in
the CPU (or its core) and uses clever algorithms to fact multiprocessors. This
decide when to tear the CPU away from what it’s AMD A10 (Kaveri) chip is
currently doing and ask it to service the interrupt. APIC no exception: it has four
CPU and eight GPU cores.
can also serve as a source of interrupts itself: it has a Photo: Yulia Sinitsyna
built-in timer and facilitates sending inter-processor
interrupts or IPIs.
More on registers
A register is essentially a small (typically 64- or
128-bit) and fast memory cell built into the CPU. Some
registers have a predefined meaning or purpose, while
the others can be used to store arbitrary data. The
latter ones are usually called general-purpose
registers, or GPRs. The number of registers available
and their names (also known as a register file) are
defined by the CPU architecture. A 64-bit x86 CPU has
16 general-purpose registers: RAX-RDX, RDI, RSI, RBP,
RSP, and R8-R15. If you’re wondering about the This way, legacy 32-bit processes can run in a 64-bit
names, then historically the Intel 8086 processor had OS if they are assigned a CS with L=0. Library code,
16-bit AX, BX, CX and DX registers. Intel 80386 (I still however, shares the CS register with the process it
have this one in the attic!) introduced 32-bit mode. is linked to, and as plugins are often implemented as
Registers also became 32-bit wide and got an E-prefix shared libraries, there’s no way to run a 32-bit plugin
(“E” stands for “Extended”). The R-prefix and numeric in a 64-bit host (except by putting it inside a separate
registers were introduced with 64-bit mode, to 32-bit process).
increase size of the register file. In 64-bit mode, Then there are the control registers – CRx. Officially,
E-prefixed registers become lower halves of their there are sixteen of them, but only few are currently
R-prefixed counterpart. used. CR0 determines whether the CPU is in real,
Special-purpose registers come in several flavours. protected, or paged mode, or a combination thereof.
First there’s RIP, or the program counter, which stores The CR3 register contains a pointer to the page table
the memory address immediately after the current root used to translate addresses in paged mode. We’ll
instruction. The instruction address is defined relative cover this and the CR2 register shortly.
to the code segment base, which is available via the When the CPU is in protected mode, only privileged
CS register. There are other segment registers, like DS code (the operating system kernel) is allowed to
for data, SS for stack, or GS, useful when switching change control registers. This way, for example, Linux
from user space to kernel space in 64-bit mode. processes’ virtual address spaces are kept isolated
Segments date back to 16-bit times where a single from each other.
word-sized register wasn’t able to address memory Finally, there are model-specific registers, or MSRs.
beyond 64k. As the name suggests, different CPU models may
Nowadays, with registers being at least 32-bit wide, have different MSRs even within the same (x86)
segments are not that important (for more on this, architecture. These registers are widely employed to
see Mike’s assembler tutorial on page 106). In fact, support advanced features that weren’t initially part
they are mostly ignored in 64-bit long mode. However, of the x86 architecture. This includes 64-bit mode,
some bits of the CS register are still recognised; these or the x2APIC interrupt handling found on modern
include privilege level field (so segments can be used Intel CPUs and vital for low-latency virtual machines.
as a memory access control mechanism), and the ‘L’ Model-specific registers are referred by their numbers
flag, which is set for segments containing 64-bit code. and are 64-bit wide.
Registers in the wild Back into labs
There’s much that can be said about registers, but it’s
CPU registers are a scarce resource. As they are much time to practice. Let’s start with a simple experiment.
faster to access than memory, using them for data Open a terminal and type:
operations drastically increases performance. However,
$ cat /proc/cpuinfo
data begins and ends in memory, and the associated
overhead can make a whole game not worth the candle. You’ll get a lot of information about your CPUs,
That’s why compilers use clever algorithms to allocate somewhat like this:
registers for a program’s variables in the most optimal way. processor :0
The C programming language even provides the register vendor_id : GenuineIntel
keyword, which can be used as a hint for the compiler. It
...
was useful back in older days, but now most optimising
compilers are smart enough and simply ignore it. flags : fpu vme ... vmx ... nx ...
Many of these bits of data are obtained with CPUID
www.linuxvoice.com 89
� TUTORIAL X86
$ sudo rdmsr 0xc0000080
1d01
Virtual Address 0x1d01 is 1110100000001b, so bit 12 is set.
Trying to clear it with the wrmsr tool while the guest
Ox 1 2 3 4 5 6 7 8 0 0 F is running triggers a kernel bug in KVM (don’t say I
enticed you to try this):
$ sudo wrmsr 0xc0000080 0xd01
Page table Page table Page $ dmesg | tail
Level 1 Level 1 [25360.493222] ------------[ cut here ]------------
Offset
[25360.493279] kernel BUG at arch/x86/kvm/x86.c:290!
Entry
Entry [25360.493323] invalid opcode: 0000 [#1] PREEMPT SMP
EFER also enables long mode. Two bits, LME
(number 8) and LMA (number 10), indicate that long
mode is enabled (E) and active (A). An OS that wants
to run in long mode sets LME bit, and the mode is
activated as soon as paging is enabled in CR0. So,
both LME and LMA are running in a 64-bit system.
The value above has both bits set, as well as bits 0
and 11. The former enables fast system calls, and bit
11 is the famous NX (or Non-eXecutable) flag that
An example of address
translation using two-level processor instruction. It queries CPU functions (also makes it harder to exploit common vulnerabilities.
page tables. Offset within known as “leafs”) by number (passed in the EAX It’s optional, but we saw that our CPU supports it in
the page is not translated register) and receives results in EAX, EBX, ECX and /proc/cpuinfo.
but added to the result. EDX. For instance, the GenuineIntel string is returned
copyrighted by Yulia Sinitsyn by function 0. For an AMD processor, like the one in A word of memory
the photograph, it would be “AuthenticAMD”. Bit 5 set How a CPU sees memory depends on processor
in ECX for function 1 means the CPU supports VMX mode. Here, we’ll speak of paged protected mode, as
(Intel’s virtualisation technology). Checking that /proc/ it is the main one Linux runs in. In this mode, memory
cpuinfo contains the vmx flag is common advice can be seen as a collection of pages. Put simply, a
when KVM and VirtualBox refuse page is a 4k (or more, like 2MB or even 1GB) chunk of
“If the exception happens to start, and now you know bytes that share common properties, like cacheability
where it really comes from. or access rights. Many low-level structures, like virtual
in kernel mode it is /proc/cpuinfo shows only a machine control blocks, start at a page boundary, or
considered a serious bug.” subset of CPUID leaves. If you are page-aligned. Linux keeps track of every page
want them all, consider the frame in the system with a special structure (struct
cpuid tool: page): it may sound wasteful, but in reality this uses
$ sudo cpuid 0 # 0 is processor number only a tiny fraction of available memory. Linux also
combines pages into “zones”, and you can easily see
Leaf Subleaf EAX EBX ECX EDX how they are organised on your system in /proc/
00000000 00000000: 0000000d .... 68747541 Auth 444d4163 zoneinfo.
cAMD 69746e65 enti When in paged mode, the CPU also uses special
00000001 00000000: 00630f01 ..c. 00040800 .... 3e98320b tables to translate the addresses it operates on (or
.2.> 178bfbff .... “virtual”) into real ones (or “physical”). A part of the
Note how “AuthenticAMD” is returned. CPU called the Memory Management Unit (MMU) is
You can play with MSRs in a similar fashion, responsible for this, and the IOMMU does the same
although I wouldn’t recommend writing to arbitrary for external peripherals. Translation enables each
registers in a production environment because you process to have its own private address space, and a
can hang your machine quite easily. Reading is safer, kernel to protect itself from user-mode programs.
but unless you know the register numbers it’s very
much an “arbitrary value in – arbitrary value out” Prepare your tools
experience. Consider the following:
$ sudo rdmsr 0xc0000080 cpuid, rdmsr and wrmsr are parts of the Intel-developed
d01 msrtools package. You are unlikely to get them with
package manager, but they are small and trivial to compile
RDMSR is short for “read MSR”; it’s an assembly
yourself. Just download the tarball (only 7k!) from
instruction that the tool was named after. MSR https://01.org/msr-tools, unpack and run make. If you
number 0xc0000080 is the Extended-Feature-Enable get errors when running tools, ensure you have the cpuid
(EFER) register, and it has various uses. For instance, and msr stock kernel modules loaded, and device nodes
to enable SVM (AMD’s virtualisation technology), you created; the MAKEDEV-cpuid-msr script bundled with
the sources can help with the latter. Root privileges are
set bit 12 in EFER to 1. If you are on AMD, start any
required, so be careful.
KVM guest and run the command again:
90 www.linuxvoice.com
� X86 TUTORIAL
To support this protection, page tables contain Serial ports are easy to
access control flags. A page can be marked as program, but with modern
present, writable, executable, or available for the PCs, you may need a bit
kernel only. If code accesses a page that isn’t present of cabling to actually use
them.
or is otherwise unavailable, the faulty address is Photo: Yulia Sinitsyna.
stored in the CR2 register and a hardware exception
is thrown. If this happens in userspace, the kernel
checks if the page accessed was swapped out to the
disk and either reads it back or sends a SIGSEGV to
the program (that’s the famous “Segmentation fault”
error). If the exception occurs in kernel mode, it is
considered a serious bug, and the kernel panics.
Translation tables
Translation tables are essentially chained arrays (see
the diagram). First, the virtual address is split into
several parts (four, if in 64-bit mode). Each part is then
used as an index into the table that contains either an
address for the next page table, or (at the lowest level)
a physical address of the page itself. The exact format
of the page table entry differs depending on page size
or extensions, like Physical Address Extension (PAE). If
PAE is enabled, more bits are allocated for the page’s
physical address, allowing 32-bit code to reference
memory whose physical address is beyond 4GB. This
doesn’t magically make 32-bit address space more
than 4GB in size, but it helped 32-bit servers to have elaborate. One way Linux lets you see how I/O ports
more RAM until 64-bit servers become mainstream. are used should feel familiar:
Now let’s check which memory regions are defined $ cat /proc/ioports
on your computer (this depends on BIOS, RAM size, 0000-0cf7 : PCI Bus 0000:00
and the kernel version): 0000-001f : dma1
$ cat /proc/iomem 0020-0021 : pic1
... 0040-0043 : timer0
00100000-bf680fff : System RAM 0050-0053 : timer1
01000000-015427b9 : Kernel code 0060-0060 : keyboard
015427ba-018e037f : Kernel data 0064-0064 : keyboard
01a05000-01b2afff : Kernel bss ...
... Here, we see that ports 0x60 and 0x64 are assigned
c0000000-feafffff : PCI Bus 0000:00 to a PS/2 keyboard controller. Surprisingly, we can
... also use it to reboot the computer! This explains why
d7100000-d80fffff : PCI Bus 0000:06 access to the I/O port from Linux userspace is usually PRO TIP
If you liked this tutorial,
d7100000-d710ffff : 0000:06:00.0 prohibited. However, the ioperm() and iopl() system consider getting yourself
d7100000-d710ffff : ath9k calls can make a desired I/O port range (or a whole two books: Inside
Addresses shown here are physical. You can see I/O address space) accessible. Root privileges are the Machine by Jon
Stokes and Linux Kernel
where the kernel lives, and also the memory range generally required, and it is rarely a good idea to use Development, 3rd Edition
assigned to Atheros network adapter (ath9k). If a these unless you run some old X server. by Robert Love.
user space program can modify translation tables Now you have a some understanding of how the
and map that address, it could re-program a card. For computer you use everyday works internally. That
example, it could send network packets bypassing a wasn’t that hard, was it? This tutorial is a kind of
system firewall. That’s why managing page tables is high-level overview, but you can find all details in Intel’s
the kernel’s job. SDM (Software Developer’s Manual) or AMD’s APM
(Architecture Programmer’s Manual), available freely
A bit of device (as in beer) from the respective websites. Linux opens
Finally, let’s briefly cover external devices. x86 many possibilities to try new stuff you learned. If you
architecture provides what’s called I/O space – 64k of come up with some clever experiment, don’t forget to
addresses (known as “ports”) accessible with IN and share it with us!
OUT assembly instructions. They are already enough
to send data over serial line. That’s why system Dr Valentine Sinitsyn prefers programming bare-metal but
programmers often use serial ports for low-level occasionally writes some Python. He contributes to the
Jailhouse hypervisor and teaches physics.
debugging – USB, for instance, is much more
www.linuxvoice.com 91
� TUTORIAL SHARES
SHARES WITH SHARED CODE –
TUTORIAL
PART 2
Mix real-world data with our own custom algorithms to make
ANDREW CONWAY
enough money to buy that volcano you’ve always wanted.
S
ettle down everyone – we’re going to write code unless, of course, you can predict the future. That
WHY DO THIS? to buy and sell shares from a portfolio to ensure said, it is still possible to devise sell-high, buy-low
• Work with real-world that we don’t lose money and, hopefully, that we algorithms that do not rely on knowing you’re at a
data make some money. For simplicity, we’ll begin by peak or in a trough.
• Prove that you’re looking at a portfolio of shares that’s identical to those
smarter than a City in the FTSE 100, and so the only choices are when to Aim high, start low
whizz-kid
buy or sell shares. Let’s now construct our first, very simple algorithm to
• Laugh at fund managers
and their obscene The FTSE 100 is a stockmarket index that is decide when to buy and sell shares for a single
money-for-nothing constructed by taking a weighted average of the value company. It makes one of two decisions: either to
charges of shares for the 100 leading companies registered spend all available money buying shares, or to sell
on the London Stock Exchange. At the start of 1984, shares we currently possess. This is of course a
when the FTSE 100 began, it was given the value terrible strategy, and similar to what a desperate drunk
1000 and by the end of 2014, due to the changes in might employ in the wee hours at a casino.
share values, the FTSE 100 had risen to about 6,500. The code, written in Java, is:
So if we bought shares in 1984, in proportion to how public class SingleInvestment {
the FTSE 100 is weighted, and kept our portfolio double money, sellThreshold=2, buyThreshold=-0.05;
mirroring the composition of companies represented TimeSeries timeSeries
in the FTSE 100, then if we sold them 30 years later
in 2014, we should see a return of about 650% (or a void invest(double investment) {
factor of 6.5, if you prefer) on our initial investment. money=investment-timeSeries.purchaseShares(investment);
Once you correct this for inflation – the fact that do {
prices have risen over the 30 years – it is still a sellShares();
respectable 300%. buyShares();
But you’d not get such an impressive return for } while (timeSeries.next());
all periods of the FTSE 100’s history. In fact, if you double rawProfit = money+timeSeries.getFinalValue() -
bought at the 2000 peak, which coincidentally was investment;
also about 6500, then selling in 2014 would just }
return the money you put in, and after accounting for }
inflation you’d be worse off.
Next, let’s consider how a simple sell high and The money variable will record what’s not invested
buy low scheme might improve things. If we bought in shares, and the Threshold variables are parameters,
£1,000 of FTSE 100 shares in 1984, then sold at the of which, more later. The TimeSeries class handles
year 2000 peak all aspects of the time series, including iterating
“It’s possible to devise an to receive £6,500,
and invested this
through time and purchasing and selling shares, and
is designed to keep our investment code clean and
algorithm that can profit from the all again in 2003 readable. In fact, we needn’t concern ourselves with
peaks and troughs of share prices.” when the FTSE
100 was worth
how the TimeSeries class is implemented.
The invest() method takes the amount to be
only 3,500, then invested and on the very first line splurges it to
we’d get (6,500/3,500)*£6,500=£12,071 in 2014, ie a purchase as many shares as possible with the call to
return of 1,200%. purchaseShares(). Only a whole number of shares
Clearly, it is possible to devise an algorithm that can can be bought, so it returns the actual amount
profit from the peaks and troughs of share prices. In spent, which we use to update the money variable.
fact, we can improve things even more if we sell at Next, we start the loop which calls sellShares()
the 2007 peak and buy in the trough of 2008/9. But, then buyShares() repeatedly until timeSeries.next()
there’s a snag, which might well have occurred to returns false, telling us we’ve reached the end of the
you. It’s easy to see peaks and troughs in a graph of data. The sellShares() and buyShares() methods are
historical data, but there’s no way to know whether as follows:
you have reached a peak (or trough) at the time void sellShares() {
92 www.linuxvoice.com
� SHARES TUTORIAL
if (timeSeries.getPrice() > sellThreshold * timeSeries.
getPriceAtLastPurchase()) { How our companies have been doing
money += timeSeries.sellShares(timeSeries.
Here’s a plot of prices for all shares we’re with:
getSharesHeld()); interested in, and the value of the FTSE100, wget “http://ichart.finance.yahoo.com/table.
} which uses a different scale to the right. You csv?s=BP.L” -O BP.L.csv
} can download the data from Yahoo finance. Or you could put that same URL into your
For example, on the command line you can web browser. We’ll be working with the
fetch all available data for the share BP.L Adj.Close column of the data.
void buyShares() {
double delta = timeSeries.getDelta(5); 1000 7000
BP
if (timeSeries.getSharesHeld()==0 && delta < buyThreshold
ITV
* timeSeries.getPrice()) { 900
LLOY
money-=timeSeries.purchaseShares(money); MKS 6000
800 NG
}
TSCO
} FTSE100
700
The sellShares() method checks the current price 5000
of the shares we’re holding, and if the price has risen 600
to more than sellThreshold times the price we paid Share price/GBP
for them, then it sells all shares by calling timeSeries. 500 4000
FTSE100
sellShares() returns the amount from the sale so we
can add it to the money variable. 400
The buyShares() method is similar, except its 3000
condition for buying is twofold. 300
First, we currently hold no shares, and secondly
200
that delta – the difference between the price now 2000
and the price five time-steps ago – is less than
100
buyThreshold times the current share price. Applied
to monthly FTSE 100 index data from its beginning 0 1000
to January 2015, this algorithm generates £10,982 1982 1985 1988 1991 1994 1997 2000 2003 2006 2009 2012 2015 2018
on an investment of £1,000, ie a profit of £9,982.
Since £1,000 in 1984 equates to about £3,000 today
when adjusted for inflation, this is a very respectable ArrayList<StockTimeSeries> seriesList = new ArrayList();
return, and not too far behind the return achieved with ArrayList<StockTimeSeries> availableList = new ArrayList();
prescient knowledge of peaks and troughs. ...
But there’s still a snag with this scheme: how public void invest(double investment) {
should the parameter values be decided, and how money = investment;
sensitive is the profit to their values? The answer to Calendar cal = Calendar.getInstance();
the latter question is quite sensitive: if we change cal.setTime(seriesList.get(0).getFirstDate());
sellThreshold to 1.5, then we no longer make a profit, int index=-1;
but a loss of £2,105, and if we change it to 2.5, we status = updateAvailableList(cal.getTime());
make a below-inflation profit of £379. The values of do {
2 and -0.05 came from trial and error, guided by a if (index == -1) {
thermally efficient, wet neural network, ie my brain. buyShares();
Also, remember that these values may work well on } else if (sellShares()) {
the history of the FTSE 100, but there’s no guarantee index = -1;
that these values will work on future data. }
do {
Multiple eggs – one basket cal.add(Calendar.DAY_OF_MONTH, 1);
Now let’s move up a gear and work with a number of status = updateAvailableList(cal.getTime());
different shares rather than having a portfolio which is } while (status == NO_NEW_DATA);
mirroring the FTSE 100. For simplicity, we’ll restrict } while (status != NO_MORE_DATA);
ourselves to owning only one of these shares at a }
time: BP.L, ITV.L, LLOY.L, MKS.L, NG.L and TSCO.L. If The main difference is that we are not just looping
you want to know more about these companies, you through one time series, but looking at a number of
can search for them on yahoo.finance.com or series that are in a List called seriesList. The code that
www.londonstockexchange.com, but leave off the .L prepares this isn’t shown here, but it ensures that the
suffix if you use the latter, because it just means the series with index 0 has the earliest start date, and this
shares are listed on the London Stock Exchange. is the date that we put into the Calendar object. We
The code used is not too different from before: start with index=-1 which means that we currently
private static int NO_MORE_DATA = 0, NO_NEW_DATA = 1, hold no shares. Next we call updateAvailableList()
NEW_DATA = 2; with the starting date, and it will put all time series
www.linuxvoice.com 93
� TUTORIAL SHARES
objects with data for that day into the availableList, buyThreshold=-0.05, is:
and return a status of NEW_DATA, which is one of 1988-08-16,1000,0,3 BUY: BP.L.csv
three constants defined in the class. 1990-08-17,-,1522,3 SELL: BP.L.csv
The loop then starts, and since index is -1 (we have 1990-08-21,1522,0,3 BUY: MKS.L.csv
no shares) it attempts to buy some. In later iterations, 1992-04-13,-,2315,3 SELL: MKS.L.csv
after we own some 1992-04-30,2315,0,3 BUY: TSCO.L.csv
“This scheme gives a return of shares, an attempt is
made to sell shares
1995-07-07,-,3507,3 SELL: TSCO.L.csv
1995-09-22,3507,0,3 BUY: TSCO.L.csv
£12,140 on an investment of instead. Then we start 1997-05-16,-,5274,5 SELL: TSCO.L.csv
£1,000 – a profit of £11,140.” another loop that will
repeatedly increment
1997-05-20,5274,0,5 BUY: MKS.L.csv
2006-03-10,-,8051,6 SELL: MKS.L.csv
the date by one day and 2006-03-31,8051,0,6 BUY: ITV.L.csv
then call updateAvailableList() until it returns a status 2013-07-11,-,12150,6 SELL: ITV.L.csv
of NO_NEW_DATA. This winds us past weekends and 2013-08-15,12150,0,6 BUY: MKS.L.csv
bank holidays on which the stock exchange is closed Final money=0
and the availableList is empty. The loop checks to see Final value of held shares=13628
if status has not been set to NO_MORE_DATA; if it has Raw profit=12628
we’ve reached the end of all the data and we’re done. Each line of the output records a transaction: the
The sellShares() method is nearly identical to date of transaction, value of shares held, money held
before, except that it now returns true if it sells shares, (after this transaction), size of the availableList, and
but false otherwise. The buyShares() method is a a short text description. You can see here that this
little bit more involved than before: scheme is our most successful yet, bringing a greater
void buyShares() { than 12-fold return, before inflation.
for (int i = 0; i < availableList.size(); i++) {
StockTimeSeries timeSeries = availableList.get(i); A proper portfolio investment
double delta = timeSeries.getDelta(5); Let’s now implement a true portfolio of shares where
if (delta < buyThreshold * timeSeries.getPrice()) { we can hold shares of several companies at once. We
money -= timeSeries.purchaseShares(money); will decide when to buy and sell shares exactly as
index = i; above, but a new decision has to be made: how many
return; shares should we buy or sell? Adhering to the KISS
} principle (Keep It Simple Stupid!), let’s plump for
} creating two new parameters: sellFraction and
} buyFraction. The first means that when we decide to
It loops through all series in the availableList and sell a particular share, we sell the number of those
looks for a drop in share price of sufficient size in the shares held times sellFraction. Similarly, for
same way as before. As soon as it finds one share buyFraction, once a decision is made to buy shares,
with such a drop, it will purchase as many shares as it the amount of money to be spent is set equal to
can and return. buyFraction times the amount of money we
The output from using this class, investing currently hold.
£1,000 initially, with sellThreshold=1.5 and The invest() method hardly changes, and in fact
ends up becoming simpler because we do away with
the index variable, and if-else statements testing it
Dark arts of parameters inside the main do-while loop are replaced with:
In building models, whether they are to and living in Edinburgh for my entire life (as buyShares()
predict time series, or model the climate, it happens I was 12 and lived in Glasgow!). sellShares()
or plan a space mission, it’s next to The point is that we must not choose The buyShares() code hardly changes: we only
impossible to avoid using parameters. Some parameters so that they only work well on need to remove the index=i line and in the line
parameters, such a physical constant, like one set of data. In fact, it’s always possible
above replace money with buyFraction*money.
one that describes the strength of gravity, to keep adding parameters to a model so it
can be measured objectively, but others, like can describe a given set of data perfectly, The sellShares() method needs to change a bit so
the sell and buy thresholds we’ve used, need but when it does, it will almost certainly fail that, like in buyShares(), it loops through all available
to be set empirically – that is by looking at when given fresh data. There are various shares, and takes notice of the new parameter,
real data. And this causes a problem: we methods available to set parameters to sellFraction:
want the parameters to work not just on avoid this pitfall, but they mostly boil down
void sellShares() {
the data we have, but on any data we throw to a simple idea: reserve one set of data
at the model. This issue extends beyond for choosing the parameters – the training for (int i = 0; i < availableList.size(); i++) {
numerical modelling. For example, it crops set – and another set of data for checking StockTimeSeries timeSeries = availableList.get(i);
up in learning a foreign language. At school that the model generalises well – the test if (timeSeries.hasShares() && timeSeries.getPrice() >
my French teacher taught us “J’ai treize ans set. If you think about it, this is exactly how sellThreshold * timeSeries.getPriceAtLastPurchase()) {
et j’habite a Édimbourg”. If I learned that school learning proceeds – you are taught on
money += timeSeries.sellShares(sellFraction);
parrot-fashion, without understanding, it’d one set of examples, but will be tested on an
soon be useless to me as I wouldn’t be 13 unknown set of examples in the exam. return
}
94 www.linuxvoice.com
� SHARES TUTORIAL
How our portfolio evolved
Number of shares held Value of shares held
80000
14000
70000
12000
60000
10000
50000 NG.L money
LLOY.L NG.L
8000
ITV.L LLOY.L
40000
ITV.L
B.PL 6000
Shares held B.PL
MKS.L Share value
30000
MKS.L
TSCO.L 4000
TSCO.L
20000
2000
10000
0 0
07/04/88 07/04/91 07/04/94 07/04/97 07/04/00 07/04/03 07/04/06 07/04/09 07/04/12 04/07/88 04/07/91 04/07/94 04/07/97 04/07/00 04/07/03 04/07/06 04/07/09 04/07/12
The graphs are stacked, which means that the top of each column is the total Of more relevance to most people will be the amount of money that our shares
number of shares held, with the height of the colour rectangles showing the are worth. The value of shares held takes on a spiky appearance, reflecting
proportion of each share held. For example, from 2007 to 2013, no shares the volatility of share prices. The amount of cash money held is shown too,
were bought or sold and the number of shares remained constant at just below though it is almost always small in proportion to the total value of shares
70,000. Most of those shares were in ITV.L, with some in BP.L and TSCO.L. held.
} shares before the financial crisis of 2008 started.
} And a good thing too: LLOY.L shares plummeted
Notice that, keeping to our KISS principle, as soon from around £300 per share to under £30 during the
as we find shares that meet the criterion, we buy or recession.
sell then return; only one buy and sell transaction can
take place at each time-step. With great power comes great responsibility
Running this scheme, with sellThreshold=1.5, If you were to take £1,000 and invest it in a savings
buyThreshold=-0.05, buyFraction=0.5 and account in 1988, you’d need an annual interest rate of
sellFraction=0.5, gives a return of £12,140 on an 10% to give returns comparable with those we’ve seen
investment of £1,000, ie a profit of £11,141, about with these simple schemes. This may lead you to
£1,000 less than the previous scheme. Although this think that the author is very rich, only troubled by the
return is lower, our investment is safer in that with the choice of which volcano to hollow out for a secret
previous scheme we could have lost everything if the base, or what colour boots his hordes of minions
single company we’d invested in went bust. should wear. In truth though, I have not invested
The graphs of this scheme show some odd heavily in shares for two reasons. Firstly, because, like
features. The most striking is that there were no most people, I don’t have enough money to risk losing
transactions at all between March 2007 and June it and so when I do have some money to spare, I place
2013. During most of this time, the UK, along with it in safe savings accounts with modest interest rates.
many other countries, was either in recession or Secondly, simply speculating on the stock market
enduring a feeble recovery. At first it’s surprising that has ethical concerns. Gambling on companies you
the algorithm didn’t buy shares during the start of the know nothing about can, in concert with a mass of
recession in 2008, because that was a time when similarly ignorant or short-sighted investors, cause
prices were falling. However, on closer inspection you bubbles and busts, of which two are present in the
can see that our money was already fully invested data we’ve looked at – the dot-com bubble in 2000
when the recession started, so we rode out those and the Great Recession starting in 2008.
years with an unchanging portfolio. It wasn’t until If you do wish to invest, you could do worse than
2013 that any of the shares rose in price enough to follow the example of John Maynard Keynes, who
trigger a sale. This is great example of why investing advocated taking an interest in the companies and
in shares is regarded as a long term investment, and investing in those that would not just be profitable,
not a get-rich-quick scheme. but productive to the real economy too. That human
Bank share prices suffered the most pronounced touch, together with algorithms like those we’ve begun
fall in the 2008 recession, so it’s particularly pertinent to develop here, can make for investments that are
to see how those of LLOY.L – the Lloyds bank - fared both profitable and ethical.
at this time. They were bought and sold by our
scheme up until 2007, but not after date. In fact, the Andrew Conway, millionaire philanthropist, tracks the stars to
predict the future – just like real economists!
cunning little algorithm divested itself of all those bank
www.linuxvoice.com 95
� TUTORIAL MAILSERVER
BUILD AN EMAIL SERVER –
TUTORIAL
ROUNDCUBE AND CYRUS
Send emails over a convenient webmail system without having
JOHN LANE
Google’s prying eyes snooping on your communications.
O
n page 68 of Fosspicks this issue, Ben looks first we need to configure the web server.
WHY DO THIS? at Roundcube , the web-based email system The Roundcube package includes an Apache
• Access your email from that we’ve been using at Linux Voice Mansions configuration file that you can integrate into your
anywhere. for the last year-and-a-bit. Roundcube is a browser- Apache configuration. Copy it into place and link it into
• Keep giant corporations based IMAP email client, and we’re going to show Apache’s main configuration:
out of your inbox. you how to sample its excellence. We’ll assume you $ cp /etc/webapps/roundcubemail/apache.conf /etc/httpd/conf/
• Take back control of a already have a web server; we’re using Apache and extra/httpd-roundcube.conf
vital service.
we’ll configure a virtual domain to host webmail. First $ echo “Include conf/extra/httpd-roundcube.conf” >> /etc/httpd/
install Roundcube; it’s a PHP application, so those conf/httpd.conf
dependencies will also be installed. It also needs a $ mkdir /srv/http
database – we’ll use SQLite here and have included Restart your webserver to make the changes take
those dependencies too: effect and then point a browser at http://mailserver/
$ pacman -S apache roundcubemail sqlite php-sqlite roundcube/installer. The first page checks the
PRO TIP You can use a different database if you want; environment to make sure everything necessary is
You’ll find Roundcube’s Roundcube supports MySQL/MariaDB, PostgreSQL in place. Pay particular attention to make sure your
installation instructions or even MS-SQL. Choose whatever suits your desired database driver is available. The second page
at /usr/share/webapps/
roundcubemail/INSTALL. requirements. enables you to edit the configuration, but you have
The Roundcube configuration file is in /etc/ to download and save it over the existing one; you
webapps/roundcubemail/config. You need to make a might find it easier to just use a text editor. The final
copy of config.inc.php.sample as config.inc.php and screen verifies required write access to parts of the
PRO TIP edit it according to your needs. Make the following filesystem and allows you to test the IMAP and
We covered installing and changes at least: SMTP connections.
configuring the Cyrus $config[‘smtp_server’] = ‘localhost’; The last thing the installer does is remind you to
IMAP server in issue 8. $config[‘smtp_port’] = 587; disable it – you just need to remove the enable setting
$config[‘db_dsnw’] = ‘sqlite:////var/cache/roundcubemail/sqlite. that we added to the configuration. Now you can
db?mode=0646’; point your browser at your webmail server and try
$config[‘enable_installer’] = true; it out. Log in as the test user that we created before
This configures Roundcube to use our mailserver’s (we used a username of “testuser” and password
submission port so that outbound mail passes “testpass”).
through our outbound content filter. The database
setup is next; we’re using SQLite so just need to point Sieve it
to a location that is writable by Roundcube – the We want to give our IMAP users some control over
database will be created automatically. The last thing the delivery of their mail to enable them to forward it
we do is enable the installer; we’ll use it shortly to to someone else, file it into sub-folders or even reject
verify our configuration and test the installation. But it. The Sieve language enables end users to provide
rules for the server to apply when delivering their mail.
Rules are written using a simple language, are stored
on the server and accessed via a daemon called
timsieved that is part of the Cyrus IMAP server. You
can use telnet to verify that you connect to it:
$ telnet mailserver sieve
You wouldn’t normally do that though, because
the Cyrus server comes with sieveshell, an FTP-like
command-line tool for uploading, downloading,
activating, de-activating and listing Sieve scripts. To
Roundcube’s installer helps
make sure everything is use it as the current user:
set up properly, but don’t $ sieveshell mailserver
forget to disable it when If your Linux user is different to your mail user then
you’re done! you’ll need to use the --user argument to supply it.
96 www.linuxvoice.com
� MAILSERVER TUTORIAL
sieveshell will request your IMAP password and
display a prompt once it authenticates you. Enter help
to see the available commands; there’s also a man
page with similar information.
Sieve scripts follow a basic syntax that enables a
user to forward, discard or sort messages into sub-
folders within their mailbox. The message header
information is used to decide which action to take.
The language is backed by an internet standard (RFC
5228) and you can find information online to get you
up to speed. http://bit.ly/sieve-tutorial is a good one
to start with. Here is an example:
require [“fileinto”];
if address :is “From” “bob@example.com”
Roundcube’s default Sieve
{ version, it’s easy to write Sieve scripts from within
implementation hides
fileinto “Bob’s Ramblings”; Thunderbird. You work directly on scripts stored on the the script detail, making
stop; server and you get immediate feedback when your it a good choice for non-
} scripts contain errors. technical users. There are
Write that into a file, say testuser.sieve and use Roundcube comes with Sieve support included, but other alternatives available
sieveshell to upload and then activate it: it’s in a plugin and you have to enable it. First, set up - see http://plugins.
$ ./sieveshell --user testuser mailserver its configuration by making a copy of the supplied roundcube.net.
Please enter your password: example
> put testuser.sieve $ cp /usr/share/webapps/roundcubemail/plugins/managesieve/
> activate testuser.sieve config.inc.php{.dist,}
> list and then enable it by adding managesieve to the
testuser.sieve <- active script active plugins array defined in the main configuration
> quit file, /usr/share/webapps/roundcubemail/config/
The daemon performs syntax checking and won’t config.inc.php. Once it’s enabled users will see a
allow an erroneous file to be uploaded. Once it’s in ‘Filters’ area on the Roundcube settings page that
place, any mail from Bob will be filed into the sub- presents a user-friendly rule editor that doesn’t require
folder (if it exists or, otherwise, into the Inbox). Note knowledge of the Sieve language.
that each user can keep many scripts on the server
but only one of them can be active. Batten down the hatches...
For Sieve to be of any use to our users, they need To allow our users to access their mail remotely, we
to be able to manage their own rules. You could give want to expose our server’s IMAP and ESMTP
them their own copy of sieveshell but most users interfaces to the internet. However, before doing this
would prefer to manage their rules from within their we need to implement TLS (Transport Layer Security)
own email client. and mandate its use. And that requires a server
There is a Sieve add-on for Mozilla Thunderbird, certificate. We’ll assume you have one, but our boxout PRO TIP
but the current release (0.2.2) doesn’t work with shows how you can quickly make one that is good php -m will confirm your
Thunderbird version 20 and above. You’ll need to either enough for testing. PHP database modules
wait for version 0.2.3 of the plugin or install a nightly To configure the IMAP server to use TLS, you need are set up correctly.
build from GitHub (see https://github.com/thsmi/ your private key, certificate and, if your certificate is
sieve/tree/master/nightly). Once you have a working signed by a certificate authority, its CA certificate.
Store them somewhere that is accessible to both
Sieveshell for command-line users Postfix and Cyrus. You could place them in /etc/mail.
Edit /etc/cyrus/imapd.conf to tell Cyrus where to find
The sieveshell tool is part of the mail server but, by copying the key and certificates. Add these definitions (if you
a few files, you can provide it to command-line savvy
end-users so they can manage their Sieve rules from the
have a self-signed certificate then you can omit the
command line. Copy the following files from the mail server last one): PRO TIP
onto any other machine where you would like sieveshell to tls_key_file: /path/to/private-key You don’t have to
be available: tls_cert_file: /path/to/server-certificate implement webmail on
/usr/bin/sieveshell
tls_ca_file: /path/to/ca-certificate the mail server – use a
/usr/lib/perl5/site_perl/Cyrus/SIEVE/managesieve.pm separate server if you
/usr/lib/perl5/site_perl/auto/Cyrus/SIEVE/managesieve/managesieve.so
You also need to configure Cyrus to listen for secure want to. It might even be
/usr/share/man/man1/sieveshell.1.gz IMAP connections. You can use sed to uncomment better that way!
/usr/share/man/man3/Cyrus::SIEVE::managesieve.3pm.gz the imaps entry (or just edit the file):
This does, of course, require Perl and binary $ sed -e ‘/^#\s*imaps\s/s/^#//’ /etc/cyrus/cyrus.conf
compatibility and it isn’t something that the Cyrus project You can also restrict insecure IMAP connections
officially supports. But it may work out for your command-
line users.
to the local machine (Roundcube will still connect this
way):
www.linuxvoice.com 97
� TUTORIAL MAILSERVER
restrictions before the reject restriction. The client
restrictions control who can connect to the service.
These changes allow clients outside of mynetworks
to connect to and send email if they can authenticate,
but we need to define what mynetworks is. This is a
list of trusted SMTP clients – those allowed to relay
(send) email. Postfix determines this automatically
using the machine’s network interfaces, trusting
anything on the same network. We don’t want that; we
want all clients to authenticate. To achieve this we can
explicitly specify in main.cf to only trust the local host.
mynetworks_style = host
Trusting the local host will allow our webmail system
to send mail without going through the authentication
mechanism.
There is one other thing to do, and that’s to
configure the SASL library that Postfix uses. The
library looks in the /usr/lib/sasl2 directory for
application-specific configuration files that are named
after the application. In Postfix’s case, each service
You can check the TLS
$ sed -i -e ‘s/listen=”imap”/listen=”localhost:imap”/’ /etc/cyrus/ has its own file – the SMTP server’s is called smtpd.
capabilities of your server.
We got a certificate failure cyrus.conf conf (this is a default value that can be overriden with
because we used a self- Finally, restart Cyrus to effect the changes: a Postfix configuration option, but we’ll just go with the
signed certificate. Our $ systemctl restart cyrus-master default). Because we just want Postfix to authenticate
backup MX doesn’t fare so Configuring Postfix is similar. You need to add some in exactly the same way as the IMAP server, we can
well – a typical ISP! configuration options to /etc/postfix/main.cf: extract the required settings with a little bit of sed:
smtpd_tls_key_file = /path/to/private-key $ sed -n -e ‘s/^sasl_\(.*\)/\1/p’ /etc/cyrus/imapd.conf > /usr/lib/
smtpd_tls_cert_file = /path/to/server-certificate sasl2/smtpd.conf
smtpd_tls_CAfile = /path/to/ca-certificate With the changes made, you can restart the services:
smtpd_tls_security_level = may $ systemctl restart saslauthd postfix
smtp_tls_security_level = may From now on, when users send mail, they will need
There are two groups of settings that apply to the to connect using TLS and supply their username and
smtp client-side (for outgoing mail) and the smtpd password. It’s important to understand what TLS
server-side (for inbound mail). We specify the same gives us. It’s Transport Layer Security; that means it
key and server certificate that we used for Cyrus. protects the connection between the mail client and
The may security level is what enables TLS and the mail server that is made for each message that
is one of several possible levels. It announces a user sends. The server will also attempt to use TLS
STARTTLS support to remote SMTP clients but when relaying those messages to their destinations,
doesn’t require encryption to be used because the but not all mail systems support it, in which case the
SMTP over TLS specification requires that publicly transmission falls back into the clear.
accessible servers (those referenced by public MX Regardless of whether TLS was used, messages
DNS records) do not enforce TLS. aren’t encrypted once delivered. There is nothing
However, you can enforce TLS on the submission stopping them from being read, forwarded or altered
interface so that email clients must encrypt, by by anyone able to access them legitimately or
overriding the security level for the submission otherwise. We can further protect messages with
service defined in /etc/postfix/master.cf:
-o smtpd_tls_security_level=encrypt A server certificate
Another security measure that you can take is to
Enter the commands below. When asked for a password,
require your clients to authenticate with the server
use “testpass” or anything else that you wish. Of all the
before they can send email through it. You can other questions, the important one requests a Common
achieve this by configuring the submission service Name. Enter the server’s fully-qualified domain, mail.
to use the same SASL authentication service as the mydomain.com.
IMAP service. A few changes to its configuration in $openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_
bits:4096 -out server.pem
/etc/postfix/master.cf makes this happen:
$openssl req -new -x509 -key server.pem -subj “/
-o smtpd_sasl_auth_enable=yes CN=$(hostname -f)” >> server.pem
-o smtpd_recipient_restrictions=permit_mynetworks,permit_ $chmod 600 server.pem
sasl_authenticated,reject_unauth_destination This creates a private key and a self-signed certificate,
The recipient restrictions control who can use both in the same server.pem file. You can specify this same
file for both your private key and certificate. Although self-
the service to send mail. You must also add permit_
signed certificates work, they will annoy your users!
sasl_authenticated into the existing smtpd_client_
98 www.linuxvoice.com
� MAILSERVER TUTORIAL
content signing and encryption. When a sender signs Apache quick start
a message, its recipients can verify that it is authentic
and has not been altered. When a sender encrypts If you haven’t got Apache and just want to SQLite driver:
get it up and running to follow along with $sed -i -e “s:;\(date.timezone =\)$:\1 Europe/
one, it is only readable by its intended recipients. our Roundcube setup, here’s what you need London:” \
Both signing and encryption use asymmetric to do. Start out by installing Apache and -e “s:;\(extension=pdo_sqlite.so\):\1:” /
cryptography using public and private key-pairs and SQLite, plus the necessary PHP modules. etc/php/php.ini
there are two implementations in common use for Then install the module into Apache’s $ echo “<?php phpinfo(); ?>” > /srv/http/
email: S/MIME uses X.509 certificates in a similar configuration: phptest.php
$ pacman -S apache sqlite php-apache We also wrote a little test page so that
way to SSL websites, whereas OpenPGP implements php-sqlite we can check everything is OK, but you
a different key system based on webs of trust where $ sed -i -e ‘s:^LoadModule mpm_event_module must start Apache first, which you do with
entities known to each other sign each other’s keys. modules/mod_mpm_event.so$:LoadModule systemd:
While corporate entities might prefer the S/MIME mpm_prefork_module modules/mod_mpm_ $ systemctl enable apache
prefork.so:’ \ $ systemctl start apache
approach, the fact that it requires trusting a potentially
-e ‘/LoadModule dir_module/a LoadModule and then point a browser at it. You should
unknown certificate authority to sign keys (in contrast php5_module modules/libphp5.so’ /etc/httpd/ see something like the picture.
to OpenPGP’s approach being decentralised) and that conf/httpd.conf Further information is available on the
PGP has been around longer makes PGP the more PHP also has a configuration file; you Arch Linux wiki; see https://wiki.archlinux.
popular choice for email. need to set a time zone and also load the org/index.php/LAMP#PHP.
PGP also sees other uses in the open-source world
where, for example, it’s used to sign software releases.
The open-source implementation is called GNU appropriate for server use.
Privacy Guard, or just GnuPG. You can check if you $ gpg --gen-key
have it installed with gpg --version and, if necessary, You should give the key a Real Name that is the
install it on Arch with pacman -S gnupg. same as the system user (‘cyrus’) so that the key can
Encryption is typically a user-focussed activity: be found. Otherwise you’ll need to specify it in the
When Alice sends a secret message to Bob, she uses following commands by appending the --local-user
his public key to encrypt it and he must use his private argument that specifies the key’s ID.
key to decrypt it. If Alice wants to sign the message, The actual encryption and signing is done by
she uses her private key and Bob can use her public the /etc/procmail/outbound.rc filter. Add a recipe
key if he wants to validate its authenticity. Neither for signed encryption and, in case that fails (as will
Alice nor Bob trust their mail systems’ administrators, happen if the recipient’s public key is not in the key
so they keep their private keys securely on their own ring), another to sign it instead:
computers and use them with their email client. # Encrypt for recipient and sign with server’s key
Enigmail is an add-on for Mozilla Thunderbird that :0 fbw
provides OpenPGP tools that use GnuPG underneath. | cat | gpg --encrypt --armor --recipient $RECIPIENT --sign
You install it using Thunderbird’s Add-Ons facility and
follow the setup wizard that it launches. You can # If unable to encrypt, just sign with server’s key
either use an existing key or create a new one. Once :0 fbwe
it’s installed, you’ll have a new Enigmail menu option. | cat | gpg --clearsign
You can try sending signed and encrypted email using You also need to add RECIPIENT=${recipient} to
Adele, the Friendly OpenPGP Email Robot: just send the procmail-outbound definition in /etc/postfix/
a message to adele-en@gnupp.de and you should master.cf and load any public keys for any recipients
receive a response showing that your test could be that you want to encrypt for.
decrypted and/or signed. You need to attach your This is a very basic server-side example to
public key, but don’t encrypt the attachment otherwise demonstrate how you could implement an outbound
the robot won’t work. signing policy, but think of it as a starting for your own
You can also look at supporting encryption with rules that suit your own requirements.
Roundcube, but there isn’t a complete out-of-the-box
solution like Enigmail for it. You could investigate rc_ Where next…
openpgpjs or the Web Encryption Extension (http:// There’s plenty more that you can do to continue
senderek.ie/wee). Google is your friend here. growing your mail system. Here are some
You can, however, use GnuPG on the server side suggestions:
if you want to. To demonstrate this, we’ll configure Implement a SASL back-end to authenticate from
our Procmail outbound filter to sign and/or encrypt LDAP, perhaps your Active Directory server
outbound messages. To achieve this, we’ll give implemented with Samba.
the server its own private key for signing and use Implement a second server to use as a backup and
recipients’ public keys for encryption. You can use Cyrus-IMAP’s replication capabilities to keep
generate a key on the server; it needs to be owned by them in sync.
the user that runs the outbound filter (in our example
this is the cyrus user). Press Enter when prompted for John Lane provides technical solutions to business problems.
He has yet to find something that Linux can’t solve.
a passphrase to create a key without one; this is more
www.linuxvoice.com 99
� TUTORIAL FORTRAN
FORTRAN: CODING FOR
TUTORIAL
SCIENTISTS, BY SCIENTISTS
JULIET KEMP
Come back through time to the days of FORTRAN – the language
of fluid dynamics, computational physics and more.
F
ORTRAN (it dropped the caps in 1990) is the same time (resulting in FLOW-MATIC, an ancestor of
oldest high-level language still written today. It’s COBOL). But in 1953, there was nothing that really
now over 55 years old and still in widespread looked like a useful, functional, high-level language.
use in the sciences, in high-performance computing, IBM gave Backus the go-ahead.
and in supercomputers. Its real strength is in Backus’ team had completed a draft specification
numerical computation and complicated by 1954, and the first compiler was delivered in
mathematical models (making it also popular in April 1957. An important aspect was that it was
finance); and its position is hard to assail given the an optimising compiler; the language would
vast Fortran code library of numerical computation (understandably) never be popular if it couldn’t
routines that’s available. There are even people still compete on performance with hand-coded assembler,
using fixed-format F77 (see below), although most which had been the main problem with Short Code.
modern users have shifted to the easier free-format. FORTRAN’s focus was on numerical computation,
It’s probably not your language of choice for shiny as that was the chief use for IBM’s machines at the
Web 2.0 development, but it’s fascinating to have a time. It caught on extremely quickly, making it the first
look at something with such a venerable and successful high-level language (that is, a language
successful history. which is at least to some extent removed from the
details of machine code).
History The major advantage, and the reason for its
John Backus, at IBM, proposed developing Fortran in popularity, was that programs could now be written
1953, with the aim of producing a more practical much more quickly. Although FORTRAN was initially
alternative to assembly language. Assembly language very limited in scope, it enabled the programmer to
(now as then) uses mnemonics like ADD to describe think in terms of algorithms, without then having to
basic operations, which are then translated into translate that by hand into machine instructions.
machine code (as you’ll know from the assembly Instead, the compiler did that hard work – and did it
tutorial on page 106). This is one up from well. Its rapid spread led to manufacturers developing
programming directly in machine code (as in the very compilers for many different computers, making it
earliest computers), but is still massively time- arguably the first cross-platform language. This in
consuming and makes bugs very difficult to find. turn helped popularise it further, because FORTRAN
Backus’ idea was to create a program that could turn programs written for one computer could be run
something like mathematical notation into machine on another computer; something that just wasn’t
code. This wasn’t a totally novel idea. UNIVAC had possible with assembler.
Short Code, which did something similar but very This first version of FORTRAN had 32 statements,
slowly around 1949, and Grace Hopper at UNIVAC including flow control (IF, GOTO, etc), I/O, and
was proposing a similar idea to Backus’ at about the assignment statements. It was stored on punchcards,
with one card per line of code. FORTRAN II, in 1958,
allowed the programmer to create subroutines and
functions, including passing parameters by reference,
and global (or COMMON) variables. Subroutines could
not however be recursive, as computers at the time
didn’t have a ‘stack’ concept. FORTRAN III was never
released, and FORTRAN IV, begun in 1961, had a few
minor improvements.
FORTRAN 66 was the next big step, providing an
‘industry-standard’ version of the language, based
on FORTRAN IV. They also defined Basic FORTRAN,
Hello there! Check out the
user input boxout below which removed all machine-dependent features (ie
and see if you can improve anything that relied on a particular brand of computer
this code to ask your to work). Afterwards, however, compilers with various
name. extensions were released to take advantage of other
100 www.linuxvoice.com
� FORTRAN TUTORIAL
possible features, which led the ANSI committee to The population graph
revise the standard again. This took nearly a decade, in our converges pretty
but the update was finally circulated in 1977, resulting quickly here, as per that
in FORTRAN 77, perhaps the most historically long boring line.
important dialect. Unlike earlier versions, F77 code
is still running out in the world, and FORTRAN
compilers now available will compile F77 as well as
later versions. It had improved support for structured
programming, now the norm in programming, much
improved character input/output support (previously
characters were unsupported, and had to be placed
into numeric variables via the Hollerith constants
technique, which was not very portable), support for
lexical string comparison (demanded by the US Dept end program hello
of Defence), and various loop extensions. F77 was the Compile it with f95 -o hello hello.f95. -o hello
“Standard FORTRAN” for nearly fifteen years. specifies the output file; without this option, the
The next major rewrite, after many delays, was default is to compile to a.out. Run it with ./hello and
Fortran 90 (caps now abandoned). (For more on you should get the traditional Hello World output.
the delays and the byzantine behind-the-scenes Looking at the source, you can see that comments
wrangling, see Brian Meek’s somewhat world-weary start with !, and that programs begin with program
piece The Fortran Saga (https://www.fortran.com/ <name> and end with end program <name>. print
forsaga.html).) The biggest change was that free- * means print to screen (print), with the appropriate
form source input was now allowed (see the section format for the output (*). Both double and single
on fixed-form source). Array operations were also quotes can be used from Fortran 90 onwards (single
finally added, as was recursion, operator overloading, only for FORTRAN 77). Indentation isn’t required in
dynamic memory allocation, and much improved free format source code, but it does make for code
data structure handling. Modules were also now that’s easier to read.
available, improving program structure and reflecting
new programming practice since 1977. However, all Fixed Format and Free Format
F77 features were retained, and any compliant F77 Prior to Fortran90, Fortran code had to be written in PRO TIP
program should also be a compliant F90 program. fixed format. Initially, this was because FORTRAN in Structured programming
argues that programs are
Fortran 95 was a minor revision, although it deleted a its earliest days was written on punch cards, and a made up of sequences,
few features (dating back to pre-F77) that had been specific format of card was expected. The basic rules selections (if/then),
labelled obsolete in Fortran 90. looked like this: and iterations (while,
for, do), with blocks
Another major revision has since been published, Maximum line length 72 characters. To continue and subroutines to
Fortran 2003 (and a minor update in 2008). This a line, put any character in column 6 on the next group statements
includes, among other things, object-oriented (continuation) line. together. This is in
contrast to unstructured
programming support, improved floating-point The first 6 columns must be empty (so each programming, which
handling, and improved I/O. However, if you want to line starts with 6 spaces), unless the line is a simply has a sequence of
learn Fortran today, it’s usually advised that you start continuation line or a comment. commands.
with 90/95, and then go on to learn about the new Comment lines have * or c in the first column.
features added by 2003. The rest of this article will Spaces are ignored altogether. endprogram and end
use Fortran 95. program are read exactly the same.
So the “Hello World” program above would look like
Hello World this in fixed format:
To get started with Fortran, the easiest compiler to get c Hello World
hold of is the GNU compiler GFortran. Install the program hello
gfortran package for your distribution, or download it print *,’Hello World’
from the GNU website and compile from source. end program hello
Other compilers include G95 (free) and NAG (paid). This is, as you will readily understand, a bit of a faff.
Some compilers include extensions beyond the Happily, as of Fortran 90, free format was introduced;
Fortran standard, which can be handy but equally lock though fixed format is still understood by Fortran
you into that compiler; here we’ll stick with the official compilers, to make sure old code could still be used.
standard. Free format looks a lot more like any other modern
You can run GFortran with the command gfortran or language (all the rest of the code in this tutorial is in
f95; I’ll use f95. Once you’ve got the compiler installed, free format), but there are still some rules:
save this as hello.f95): Lines can be up to 132 characters long; to continue
! Hello World a line use & at the end of the first line.
program hello If the split is in the middle of a name, use another &
print *,”Hello World” at the start of the next line:
www.linuxvoice.com 101
� TUTORIAL FORTRAN
User input
You could set up the program to ask you for a specific version ! Do loop and other variables as before, but alter the write line:
of x and R. Add these lines: write (outf, f) i,xnext
integer :: outf outf and outfile are used to write to a specific file, rather
character(len=30) :: outfile than specifying the file on the command line. This is because
outf = 3 if you use > to redirect on the command line, the print lines
outfile = “plot_v1.dat” will also be redirected. You won’t see them, and they’ll cause
print *, “Please enter an initial x value between 0 and 1” problems in the data file. With open, as here, you need to
read *, x provide an integer filehandle (should be greater than 3, as 0, 1,
print *, “Please enter an initial R value greater than 1” and 2 are the system filehandles; and Fortran itself reserves
read *, R 5 and 6), a string filename, and options: here, the write action,
open (unit=outf, file=outfile, action=”write”, status=”replace”) and replace rather than append status.
character :: longname*100 populations grow larger, expansion becomes harder.
longname = “this is a terribly long line, so you need an What we might expect is that over term, the value
ampersand here & converges, and eventually Pi and Pi+1 become the
&and another one here” same.
Comments start with !. So here’s a first go at an iterative program that
Whitespace doesn’t matter in some places: ENDIF looks at what does happen to population over time
and end if are treated the same, and indentation is (specifically, over 1,000 generations). Save this as
not significant. However, you can’t have embedded logistic.f95:
spaces in variable names or in numbers, as you ! Logistic equation
could in earlier FORTRAN. program logistic
You can put multiple statements on one line by implicit none
separating them with ; (although the next person integer :: i, n
reading your code may or may not thank you for it). real :: R, x, xnext
Most compilers assume free format if the source character(len=30) :: f
filename ends in .f95 or .f90, and fixed format if it n = 1000
is .for. You can also specify -ffixed-form or -ffree- R = 1.5
form on the Linux command line when invoking the x = 0.01
GCC compiler. f = “(i6, f12.6)”
do i = 1, n
The logistic equation xnext = R * x * (1-x)
The logistic equation is an example of a very basic write (*,f) i, xnext
population model that shows some distinctive x = xnext
characteristics of feedback systems. It can be defined end do
in a couple of ways, but we’ll use this one: end program logistic
Pi+1 = R * Pi * (1 - Pi) Any line beginning ! is a comment. implicit none
Pi is the population at generation i. R is a growth is an inheritance from FORTRAN 77 and earlier.
rate term; you could think of it as representing Originally, Fortran had implicit variable typing, done
the resources available. A more basic version of by variable name. Variables beginning i, j, k, l, m, or
this equation would be Pi+1 = R * Pi, in which the n were taken to be integers (since scientists and
population at generation i+1 is purely dependent on mathematicians – and Fortran was written by
the population at generation i plus this growth rate. A scientists – expect i and j to be integers), and all
system with better resources would grow faster. The other names were real numbers, unless explicitly
(1 - Pi) term is added to represent the idea that as declared to be strings or characters. Due to the
desire for backwards compatibility, this had to still
work in F90 and onwards; but it’s not a good modern
programming practice. The solution was implicit
none, which turns off implicit typing and requires all
variables to be explicitly declared.
The next three lines do the declaring, creating
integers, real numbers (real has 6 decimal digits
of precision), and a string, which is declared as a
character array of length 30. Other basic data types
are double precision (13 digits of precision), logical
The interesting stuff is as (true/false, like a Boolean variable), and complex
R gets bigger, especially (complex numbers). Fortran 90 also introduced
between about 3 and 4. derived types so you can create your own types. Note
102 www.linuxvoice.com
� FORTRAN TUTORIAL
that we are specifying the initial value of P0 (x = 0.01) Time is a useful utility
as well as R. for a quick benchmark of
The string f will be a formatting line for the output; something like this.
the format here is (i6, f12.6). i6 is an integer format,
requiring up to 6 positions (ie it could output a number
up to 999999, or -99999 as the negative sign takes
up an output position). If you tried to output 1000000
it would print ****** to warn you that the number
was too large for the format string. f12.6 is for real
numbers, and indicate 12 positions, of which 1 will
be the decimal point, and 6 will be to the right of the
decimal point. So you could print up to 99999.999999.
If there are more than 6 numbers after the decimal R=i
point it will be rounded appropriately. Again, if the R = R/1000
whole number is too large, it prints asterisks. x = 0.01
The main body of the program is the do loop, which do j = 1, n
loops for i between 1 and n (here 1000). It calculates xnext = R * x * (1-x)
xnext (xi+1 in the equation) from x (xi), outputs i and write (*,f) R, xnext
xnext to screen, then stores the calculated value in x x = xnext
for the next loop. Compile and run as follows: end do
f95 -o logistic logistic.f95 end do
./logistic > plot.dat end program logistic
This saves the output as a file, but it’s just a file The meat of the program is still the same (that inner
of numbers. To view it as a plot, you’ll need to use do loop, now labelled with j). But it now runs once
Gnuplot and Evince (or another PostScript viewer). for each value of R between 1 and 4. Since i varies
Save this as plot.gp: between 1 and 4000, and R is defined as 1/1000 of i,
set term postscript enh color it jumps in 0.001 steps. Note that if you try to define
set output “plot.ps” R = i/1000 it won’t work; dividing an integer always
plot “plot.dat” u 1.2 results in an integer. Instead, define R as i (translating
The details of Gnuplot are outside the scope of it into a real number) then divide it by 1000.
this tutorial, but basically this sets up your terminal, Because of the way this is plotted, the long thick
sets the output filename, and tells Gnuplot to plot the lines for R between 1 and 1.5 actually represent the
contents of plot.dat using the first two columns as x population converging to a specific level (the top of
and y axes. Generate and view the plot with the line, which is the population stable point for that
gnuplot plot.gp value of R and x. (You could edit the code to look for
evince plot.ps the convergence point and only plot that, if it exists.)
If you look at the output file plot.dat you’ll see that As R gets bigger, the graph gets more complicated. At
the equation rapidly converges to 0.333333. This some values there seem to be multiple convergence
suggests that a stable value for the population is points; towards the far right of the graph, what we’re
0.333333. This might be the same as the carrying seeing is actually a chaotic effect.
capacity of the environment (ie the population level A couple of potential improvements would be to try
that the environment can support), but it might also changing the initial value of x to see what happens at
be lower. Try changing the value of x to see if the start different R values; and to test for a convergence point
size of the population has an effect; and R to look at and to plot only that convergence point if it exists,
what effect the growth rate has. rather than all the points that lead it there. This could
make the graph a bit clearer. But this initial graph
Multiple loops should be enough to demonstrate the possibilities of
Here’s another version, with multiple loops. This will feedback equations like this. If this sort of numerical
allow us to look at what happens to the convergence modelling is your bag, you can find sample Fortran
point with different values of R (x here stays the same). programs online for nearly anything you want to do.
! Logistic equation There’s extensive documentation available, although
program logistic Fortran programs can be a bit of a nightmare to
implicit none debug as error messages are not always readily
integer :: i, j, m, n comprehensible. Try it out, and enjoy that sense of
real :: R, x, xnext hacker companionship linking you to those 1950s
character(len=30) :: f IBM pioneers who paved the way for the vast field of
m = 4000 modern languages.
n = 1000
f = “(i6, f12.6)” Juliet Kemp is a scary polymath, and is the author of
Apress’s Linux System Administration Recipes.
do i = 1, m
www.linuxvoice.com 103
� CODING NINJA
PYTHON: CODE REUSE
TUTORIAL
AND NOTIFICATIONS
Don’t keep writing the same code over and over again – put it in
BEN EVERARD
a package and reuse it.
I
n this month’s code ninja, we’re going to take a
WHY DO THIS? look at two different, but important topics: desktop
• Get your applications notifications and code reuse. Desktop
to remind you to take a
break. Or work harder. notifications are a great way for your code to let the
• Save time typing the user know that something has happened. They work
same lines of code over in a standard way across almost all Linux desktops,
and over again. so the code here isn’t tied to a particular widget set.
There are libraries for doing this in just about every
popular language. In Python, the most popular library The notifications will look different depending on your
for this is pynotify. You can test it out with the desktop environment. This is how they appear on LXQt.
following script that should pop up a message:
import pynotify message = “Point your web browser to www.linuxvoice.com”
pynotify.init(“test”) notification = pynotify.Notification(message)
notification = pynotify.Notification(“Hello”) notification.show()
notification.show()
While all desktops should be able to display Save electrons
messages, they each have different capabilities. You This brings us onto the second aspect of this month’s
can find out what capabilities your desktop has using ninja: code reuse. As you can see, the code to pop up
the pynotify.get_server_caps() function. This returns a notification is only a few lines, but why retype it
a list of the various things the desktop can display. For every time you want to send a message? Instead, we
example, if the server can display hyperlinks (like the can put it all into functions, and then we need only call
links on a web page), then one of the entries in the list the functions when we want to display a message.
will be the string “body-hyperlinks”. We can use the following functions to display
The following code could be used to send someone messages and find out if we can include hyperlinks:
to the Linux Voice website: import pynotify
import pynotify def msg(text):
pynotify.init(“LinuxVoice”) notification = pynotify.Notification(text)
capabilities = pynotify.get_server_caps() notification.set_urgency(pynotify.URGENCY_NORMAL)
if ‘body-hyperlinks’ in capabilities: notification.show()
message = “<a href=’http://www.linuxvoice.com’>Mag def hyperlink():
Website</a>” capabilities = pynotify.get_server_caps()
else: if ‘body-hyperlinks’ in capabilities:
Distribution Sharing your project with the world
You have probably noticed that when you install Python author_email=’ben@linuxvoice.com’,
packages, you don’t just copy directories into your Python license=’GPLv3’,
path manually. Instead there are tools that do this (and packages=[‘simpledesktop’])
provide other services as well). These tools are themselves Setuptools handles everything to do with putting your
organised in a package called setuptools (you’ll need to install package in the right place. Once you’ve created this, you just
this). To use this, first we need to put our package directory in need to open a terminal in the same place and run:
another directory of the same name, so we have sudo python setup.py install
simpledesktop/simpledesktop. Then, in the first You should then be able to access the package from any
simpledesktop directory, create a file called setup.py. This Python session on the computer. If you wanted to share a
should have the contents: package with other people, you can share it in this format and
from setuptools import setup let them run setup.py. However, if more than a few people are
setup(name=’simpledesktop’, likely to want to use it, a better option is to register it on the
version=’0.1’, Python Package Index (PyPI). This can be done using the
description=’easy desktop interaction’, setup.py script. Full details are in the Python documentation
author=’Ben Everard’, at https://docs.python.org/2/distutils/packageindex.html.
104 www.linuxvoice.com
� NINJA CODING
return True Pypi (https://pypi.python.
else: org/pypi) is the ultimate
return False source of Python packages
If you include the above section of code into a file, and can fulfil just about
you can then send messages with: every need.
pynotify.init(“test”)
if hyperlink:
msg(“hyperlinks work”)
else:
msg(“hyperlinks don’t work”)
This makes it easier if you need to send several
notifications from a single program, as you can just
call the functions, but why should you have to include
these functions in every program that you want to use
notifications? You don’t! Instead you can create a
module that you import (in a similar way you imported If you save this in a file called alert.py, you can
pynotify) that just makes the functions available. import it in the same way as noti.py, and use the alert
There’s nothing special about modules in Python. function with:
They’re just regular Python files that are called by import alert
name. We’ll call our module noti, and this means we’ll alert.alert(“Hello World!”)
use the filename noti.py. Create this file and include We can bring our two modules together to make a
the code: package for simple desktop interactions. Packages
import pynofity are similar to modules in that they can be imported,
def set_app(title): but they’re different in that they contain multiple files
pynotify.init(title) that can work together or separately.
You’ll also need to include the msg and hyperlink Packages are directories that include a file called __
functions from above. If you save this in a directory, init__.py. This file can be empty, in which case it just
then any time you start Python in the same directory, serves to show Python that the directory includes a
you can use import noti to bring in all the functions, eg: package, or it can include any code that needs to be
import noti run when the package is first imported.
noti.set_app(“test”) We’ll call our package simpledesktop, so you’ll need
if noti.hyperlink: to create a directory called simpledesktop. Inside that
noti.msg(“<a href=’http://www.linuxvoice. directory, you’ll need the alert.py and noti.py files that
com’>website</a>”) we created earlier. You’ll also need a file called __init__.
else: py. Since we don’t need any initialisation code, this
noti.msg(“no hyperlinks”) can be empty.
This works because any time you use the import Now, from the directory in which simpledesktop
command, Python looks for the appropriate file to sits (so, for example, if you created simpledesktop in
import. There’s a particular set of directories it looks in your home directory, you’ll need to run this in your
to find the file, and that’s stored in sys.path. You can home directory), you can run Python interactively and
view this with: do the following:
import sys >>> from simpledesktop import alert
print sys.path >>> alert.alert(“Hello World”)
If you put your code in any directory in that path The __init__.py file does have one useful feature we
(which should include the current directory), then the can use. If it has a variable called __all__, Python will
import command will find it. use that to decide which parts to import if the user
does from simpledesktop import *. In our case, you
Packing it up need to add the following line to __init__.py to bring in
This situation works well for simple modules, but everything:
sometimes it’s not convenient to put everything in a __all__ = [“alert”, “noti”]
single file. Suppose, for example, we wanted to extend You can now (in a new Python session) run:
our simple notifications tool to include alert popup from simpledesktop import *
boxes as well as desktop notifications, it would make alert.alert(“Hello World”)
sense to put that in a different text file. We’ll do just noti.set_app(“Hello”)
this by creating another module that’s a simple noti.msg(“World”)
wrapper around EasyGUI (you’ll need to install this Packages can be added anywhere in the path and
from your package manager): Python will find them (as long as the __init__.py file is
import easygui there). Using this structure, you can create packages
def alert(text): as complex as you like, and you should never have to
easygui.msgbox(text, title=”alert”) re-type commonly used code again.
www.linuxvoice.com 105
� CODING MACHINE CODE
ASMSCHOOL: GETTING DOWN TO
TUTORIAL
THE BARE METAL
Part 3: It’s time to say goodbye to the operating system, and boot
MIKE SAUNDERS
your PC from your own code.
I
n the last two issues we’ve gone through the machine, without the operating system interfering in
WHY DO THIS? basics of assembly language, looking at registers, any way. Exciting times!
• Learn what compilers do loops, conditionals, the stack and other topics. To do this, you need to understand how the PC boot
behind the scenes
You now have enough knowledge to write simple process works, so we’ll go through that step by step.
• Understand the
language of CPUs assembly programs on Linux – but we’re going to get Then we’ll create a simple bootloader that outputs a
• Fine-tune your code for even more low-level this issue. Yes, we’re going to message to the screen, and show you how to run it in
better performance jettison the operating system and get down to the an emulator. We’ll also make it write to removable
bare metal of your PC. You’ll write code that executes media such as a USB key, so you can try it on real
directly on the CPU and has full control of the machines and win an insane number of geek points.
1 THE X86 PC BOOT PROCESS
When you hit the power button on your PC, a bunch of The BIOS is simply some firmware provided in the
things happen before the Linux kernel is loaded into PC, and contains software that the CPU executes as
your RAM banks and executed. Indeed, the PC is just soon as the PC is turned on. Typically the BIOS will
a bunch of chips and has no idea of what a kernel is, perform a bunch of checks to make sure that the PC
or where to find it, or how is in a sane state – for instance, to check that RAM
“Fortunately almost every PC to even read the
filesystem on the disk. A
banks are present, and to produce the classic “Press
F1 to continue” message when you don’t have a
includes a BIOS – a ‘basic PC on its own would be keyboard plugged in.
input/output system’.” useless, but fortunately
almost every PC includes
The BIOS will then attempt to load a chunk of data
from some form of media. Most BIOSes know how to
a BIOS – a “basic input/ access floppy disks, hard drives and CD/DVD-ROM
output system”. (Some very recent PCs include an drives, and sometimes USB keys as well. But BIOSes
emulated BIOS, or have deprecated it in favour of the are small, and don’t have space for lots of filesystem
Here’s our code, running in alternative UEFI method – so if you only have drivers. So the BIOS doesn’t understand the ext4 or
a PC emulator – no UEFI-equipped PCs, you’ll need to use a PC emulator Btrfs filesystems as used on Linux, and therefore can’t
operating system required! for this tutorial, as explained later.) navigate a partition to find the Linux kernel, but it can
grab the first 512 bytes from the drive, load it into
memory and execute it.
Multi-stage to orbit
You can’t do much in 512 bytes, but this chunk of
code (known as the first stage bootloader) typically
has enough logic to load more data from the disk, this
time several kilobytes, which can provide a more
fully-featured bootloader with menus and options.
Alternatively, this code may go on to load more data
from the disk and present an even more advanced
bootloader with graphics and wider filesystem
support. So in the PC boot process, the computer
“pulls itself up by its bootstraps” (which is where the
term “booting” comes from).
Now, we can write our own code to fit into these
512 bytes and have full control over the machine. But
you may be wondering: without an operating system,
how are we going to make a message appear on the
screen? Won’t we have to write a complicated video
106 www.linuxvoice.com
� MACHINE CODE CODING
driver, with pixel-plotting routines and font definitions, See www.ctyme.com/intr/
which will surely be much larger than 512 bytes? int-10.htm for a full list of
Well, yes – if we didn’t have the BIOS. Along with routines provided by the
system health-check and data loading facilities, the BIOS.
BIOS also includes a small set of routines for basic
input and output (hence the name). We can ask the
BIOS to print a letter to the screen, or check the
keyboard for input, without having to write specialised
drivers which could require thousands of lines of
code. So the BIOS acts as a very rudimentary
hardware abstraction layer, letting us do a handful of
jobs quickly and easily.
2 WRITING THE BARE-METAL CODE
So, let’s write some code that fits into this 512-byte various tasks – but we can talk to the BIOS. The first
space. The following is a short program that prints line, BITS 16, is a directive that tells NASM (the
coloured messages on the screen for infinity – well, program that converts assembly language code into
until you power off the computer. Type it in and save it binary for the CPU to execute) that our code is 16-bit.
in your home directory as boot.asm, or grab it online When you switch on an x86 PC, it initially operates in
from www.linuxvoice.com/code/lv014/boot.asm. 16-bit mode, like PCs of the early 1980s, for
BITS 16 backwards compatibility reasons. Modern operating
systems like Linux and Windows use various
mov ax, 07C0h ; Where we’re loaded instructions to switch the CPU into 32-bit (or 64-bit)
mov ds, ax ; Data segment mode, but we don’t need that here – we just want to
print some text.
mov ax, 9000h ; Set up stack Now, the BIOS loads our 512-byte program into
mov ss, ax position 07C0 (hexadecimal) in RAM, which is
mov sp, 0FFFFh ; Grows downwards! equivalent to 1984 in decimal. (It doesn’t load it into
And here’s the code
position 0, as that’s taken up with some important running off a USB key
mov ah, 0 ; Set video mode routine system data.) In the first two mov instructions in our (emulating a floppy drive)
mov al, 0Dh ; 320x200x16 colours code, we set the data segment register (DS) to point on an Asus laptop. This is
int 10h ; Call BIOS to this 07C0h location. Segments are ugly old the real deal.
loop:
mov si, text_string
call print_string
inc bl ; Change colour
jmp loop
text_string db ‘Bare metal rules! ‘, 0
print_string:
mov ah, 0Eh ; Print char routine
.repeat:
lodsb
cmp al, 0
je .done
int 10h ; Call BIOS
jmp .repeat
.done:
ret
times 510-($-$$) db 0
dw 0AA55h ; Boot signature
If you followed the last two assembly language
tutorials, some of this will be familiar to you, but a lot
of it is new as well. This is largely because we no
longer have access to the Linux kernel to handle
www.linuxvoice.com 107
� CODING MACHINE CODE
remnants of 16-bit code, and we won’t deal with them lines do:
extensively here, but in a nutshell: in a 16-bit register mov ah, 0 ; Set video mode routine
you can store numbers from 0 to 65535. So when mov al, 0Dh ; 320x200x16 colours
using 16-bit memory addresses, you can only access int 10h ; Call BIOS
65536 memory locations – that is, 64k. This is much Do you remember from the previous tutorials that
too small for many tasks, so before 32-bit processors we called the Linux kernel using int 80h? Well, to
became the norm, 16-bit CPUs used “segments” as access the BIOS we use int 10h, and the BIOS also
offsets to access more RAM. needs various parameters supplied in registers.
They made 16-bit programming a mighty pain in Normally you place the BIOS routine you want to use
the rear, and everyone was happy to move to 32-bit in the AH register, and then extra parameters in the
and have easy access to 4GB of RAM. Because our other registers. For instance, to change the video
program is tiny, we mode we need to place zero in AH – and how do we
don’t even need to know that? In the olden days we’d have a thick book
“512 bytes is tiny, but cunning do any detailing the BIOS’s inner workings, but today we can
coders can eke quite a bit of complicated
operations with
find a list of BIOS routines on the web, eg www.ctyme.
com/intr/int-10.htm.
functionality out of limited space.” segments, and the You’ll see there that there are routines for “Set video
chances are that mode”, “Write graphics pixel”, “Teletype output” (which
you will never have to again in the future – unless you we’ll use in a moment) and so forth. If you click on the
want to write a 16-bit program larger than 64k. Int 10/AH=00h link you’ll see a list of video modes
Anyway, we then have three more mov instructions underneath, and here we’re using 0Dh, which is
which set up the stack. We place the stack in a certain 320x200 pixels in 16-colour mode. That’s ridiculously
segment using the SS (stack segment) register, and low-res by today’s standards, but ensures that the
then put SP (the stack pointer) at position FFFFh. If code will work almost everywhere, including on that
you’ve been brushing up on your hexadecimal old late 80s box gathering dust in your attic.
PRO TIP knowledge since last month, you’ll know that FFFFh = Then we have a loop:
It’s important to note that 65535 in decimal. So why are we putting the stack loop:
you can’t access BIOS pointer at the very final position in a segment? If we mov si, text_string
routines from inside Linux
push something onto the stack, won’t it overflow and call print_string
or Windows. They’re only
available in 16-bit mode, cause problems in the program? inc bl ; Change colour
and by the time that Well, no. You see, on x86 PCs the stack grows jmp loop
Linux, Windows and other
downwards, so when we push a 16-bit (two byte) This calls a print_string routine (which we define
32-bit and 64-bit OSes
have booted, the BIOS is number onto it, the stack pointer is actually underneath). The routine takes the location of a
no longer accessible. decremented by two bytes. When you pop a number zero-terminated string in the SI register, and a colour
(Well, there are some
off, it goes back up. (If you keep popping off more in BL. This loop goes on forever, and in each iteration
stunts you can pull to set
up virtual 16-bit modes, than you’ve pushed on, it will go up over 65535 and we increment the BL register, so it goes from 0 to 255
but it all gets rather you’ll have lots of fun and games in your debugging...) and then flows over back to 0. This gives us a
hairy.) So if you want to
constant cycle of colours for the message text.
write your own all-singing,
all-dancing 32/64-bit OS, Taste the rainbow Underneath, you can see that the print_string
you’ll have to say a tearful So, we’ve done the ugly segment-related work, and routine is somewhat similar to the one we
goodbye to the BIOS and
now we can get our hands dirty with some actual implemented last month, albeit simpler as we don’t
write your own keyboard,
screen and storage code that does interesting stuff. First up, we want to have to work out the string length. This time we use
drivers. switch to a graphics video mode so that we can easily the BIOS’s teletype routine, 0Eh, which prints a
print coloured messages. That’s what these three character to the screen and moves the cursor
Running on real hardware
If your PC happens to have an inbuilt floppy drive, you can sd 2:0:0:0: [sdc] 501760 512-byte logical blocks
write the virtual disk image to a real disk using this: This tells us that the drive we plugged in has the device
dd if=floppy.img of=/dev/fd0 bs=1024 name sdc – it may be different in your case. Unmount/eject
You may need to do this as root, and if it’s a USB floppy the drive using your file manager (or the umount command at
drive, change the device to /dev/sdb1 or similar – use dmesg the command line), and then write the floppy drive image to
after plugging in the drive to see its device name. Then you the key as follows:
can boot your PC from the floppy disk and see your code dd if=floppy.img of=/dev/sdc bs=1024
running natively on your PC. Be sure to get this exactly right, and replace /dev/sdc with
Chances are that you haven’t used floppy disks in many whatever you saw from the dmesg output. Ask on our forums
years, however, but there’s another option: USB keys. Many (http://forums.linuxvoice.com) if you get stuck.
BIOSes have the facility to load a floppy disk image from a Once the data has been written and you’re returned to the
USB key and execute it like a real floppy. Note that this will prompt, restart your PC and in the BIOS boot menu, choose to
completely erase the USB key until you next reformat it! Plug boot from the USB key. All being well, you’ll see the colourful
in the key and then enter dmesg in a terminal. In the most messages again, but this time running on your very own
recent output at the end, you’ll see various messages like this: hardware. How cool is that? The answer is: very cool.
108 www.linuxvoice.com
� MACHINE CODE CODING
onwards. The specific character is provided in the AL
register (which we retrieve via the lodsb instruction)
and the colour is set in BL as mentioned. So in this
subroutine we keep retrieving characters from the
string and printing them via the BIOS (int 10h) until we
hit a zero, and then we ret (return) to the calling code.
One thing to note here is the labels with periods in
front of them, eg:
.repeat:
The period denotes that this is a local label, and
NASM extends it by prefixing it with the nearest full
(non-period) label above. So NASM turns this into
print_string.repeat when it works through the code.
Why is this useful, you may ask? Well, it means you
can use the same local label name multiple times in
your code. In a big source file, you may want to use
lots of labels like loop, repeat or finish. With local
labels, each routine can have its own versions of these
– you don’t need to come up with unique names every
single time.
For more examples of 16-bit bootloader and simple operating system source code, see
The final two lines in our code aren’t instructions,
http://tinyurl.com/dossource (MS-DOS 1.1 and 2.0)
but directives for NASM:
times 510-($-$$) db 0
dw 0AA55h ; Boot signature php?f=2&t=21042. Here, programmers were
For the BIOS to recognise and load our program, it challenged to make something impressive in 512
has to be exactly 512 bytes in size and end with the bytes, and they certainly succeeded: one developer
number AA55h. So the first line here pads out our wrote a pseudo-3D car-racing screen saver, while
program with zero bytes until it reaches 510 bytes in another implemented the Game of Life.
size, and then we define a “word” (a 16-bit or two-byte Another project you may find useful, either as a
value) of 0AA55h to put at the end. source of code snippets you can nab, or just general
And that’s it! We haven’t done a huge amount here, inspiration, is Tetranglix at https://github.com/
but you can add more of your own code to this Shikhin/tetranglix. This is basically Tetris
bootloader, providing that the resulting binary doesn’t implemented in a bootloader – so inside 512 bytes
grow any larger than 512 bytes. (If your code – and while it’s not much of a looker, it maintains the
becomes too big, NASM will complain when you try to core gameplay elements of the timeless classic. Then
assemble it.) 512 bytes may seem tiny, but cunning there’s BootChess, which proudly proclaims that it’s
coders can eke quite a bit of functionality out of this the “smallest computer implementation of chess on
limited space, as shown in the “512-byte OS contest” any platform”, weighing in at just 487 bytes: www.
at http://forum.osdev.org/viewtopic. pouet.net/prod.php?which=64962.
3 RUNNING THE CODE
To see our code in action, we can boot it in a PC Now install a PC emulator such as DOSBox or
emulator. And it also needs to be on some kind of QEMU from your distro’s repositories, and boot your
media. The simplest way to do this is to create a virtual floppy disk in them using one of these
virtual floppy disk – ie a disk image – so install the commands:
dosfstools package from your distro’s repositories dosbox floppy.img
and enter this command: qemu-system-i386 floppy.img
mkdosfs -C floppy.img 1440 And voilà: the coloured messages zoom by,
This creates a new DOS-formatted disk image produced by the bare-metal code that you’ve just
called floppy.img that’s 1.4MB in size. Next, assemble written. Not bad, eh? If you want to try it on real
the code: hardware, see the boxout, left – and next month we’ll
nasm -f bin -o boot.bin boot.asm expand this bootloader considerably so that it can
The -f bin is important here, as we want a plain execute more programs from the disk, including
binary file – we don’t need a complicated Linux programs you’ve written yourself. Yes, we’ll turn it into
executable with all its extra bits and bobs. This a rudimentary, but functioning, operating system!
creates a 512-byte file called boot.bin, and we inject it
into the start of the floppy disk image like so: Mike Saunders has written a whole OS in assembly
(http://mikeos.sf.net) and is contemplating a Pi version.
dd conv=notrunc if=boot.bin of=floppy.img
www.linuxvoice.com 109
� MASTERCLASS NETWORK SNOOPING
MASTERCLASS
Keep tabs on your network traffic to see what’s going
BEN EVERARD through the wires you’re paying for.
SEE WHAT’S HAPPENING ON
YOUR NETWORK.
Looking at the data flowing across your network can be an ethereal experience. You’ll be
surprised at what you can see when you start snooping...
A
network protocol analyser lets you peer inside this is granted to users in the wireshark group. Add
JOHN LANE your network and see what’s really happening your user to this group if you want to capture packets
on it. Its deep packet inspection allows you to (you don’t need to do this if you’ll only be analysing
see the chunks of data, called “packets”, moving previously captured packets).
across your network and view the data inside them. When you launch it, you’re presented with the main
And, if that data isn’t encrypted, you’ll quickly realise screen. You can read about the various displays in the
how much information is readable by anyone! on-line documentation (press F1, do Help > Contents
We’re going to look at Wireshark, a cross-platform or browse to www.wireshark.org/docs to view the
desktop network analysis application that was known User’s Guide – Chapter 3 describes the user
as Ethereal until 2006. There are versions for use with interface). To begin capturing, choose your network
GTK and Qt libraries, although the latter is considered interface from the panel on the left-hand side (it’ll be
PRO TIP
a less-mature port of the former. They use the called something like eth0 or, if you have Systemd, it
Packet-sniffing is a libpcap packet capture library to capture network might be like a more cryptic “enp3s0”) and then press
privileged affair. However,
Wireshark doesn’t need packets for inspection. the green shark-fin button to begin capturing.
elevated privileges unless You’ll most likely find a package in your distro’s Captured packets are displayed as they arrive; press
capturing traffic. repository – you can choose from command-line, GTK the red-square button to stop capturing.
or Qt variants. The GTK version on Arch Linux is You can save your capture if you want to – use File
wireshark-gtk; it’s simply wireshark if you’re Debian- > Save or use the toolbar button. As you would expect,
based. The current stable release is 1.12.3, but some there’s an option to open a previously saved capture
distros may lag that slightly. file. Users can work with such files without having
You can run Wireshark as any unprivileged user, but elevated privileges, so they don’t need to be members
it requires elevated privileges to capture packets and of the wireshark group.
Who’s calling?
Among the various data displayed about a packet is
its source and destination, which will either be a MAC
or IP address depending on the protocol layer that the
packet is from. You might prefer to see recognisable
names here, especially if you’re on a busy network.
There are two options for you – either let Wireshark
use name resolution or provide names yourself.
It may be tempting to use name resolution but this
Wireshark’s default layout
has the negative side-effect of polluting your capture
displays captured packets.
Click on a packet to see its with the name resolution requests that Wireshark
contents organised by would make to a DNS server. It’s disabled by default to
protocol. You can view prevent this but you can enable it on the “Name
data bytes in hex or binary. Resolution” preferences page if you want to. However,
110 www.linuxvoice.com
� NETWORK SNOOPING MASTERCLASS
an alternative is to provide names yourself. You do
this by creating Wireshark-specific “hosts” and “ethers”
files to map addresses to names in a similar way to
the system’s own /etc/hosts file and they have a
similar format. Use your favourite text editor to create
the file ~/.wireshark/hosts with entries like:
192.168.1.254 router
and ~/.wireshark/ethers with entries like
a2:e4:e6:65:2b:c2 router
You can also add comments – lines beginning with
the # character are ignored.
In addition to the above, Wireshark will learn
whatever names it can from captured DNS packets,
so you might see some names resolve magically even
Viewing a TCP stream lets
if name resolution is disabled and you haven’t though the display shows the protocol in upper case).
you see a conversation in
provided them yourself. The display will then show only that kind of traffic. one piece. Look out for
You may also see SSDP packets because they’re those login credentials
Be promiscuous based on HTTP (it’s is a multicast protocol used by sent in cleartext...
Network interfaces normally ignore any data packets UPnP services). You won’t, however, see HTTPS. You
that aren’t destined for them. This is usually a good can resolve these issues by using a filter expression
thing because it removes the overhead associated like this:
with accepting irrelevant data. Data packets destined (ssl.record.version >= 0x0300 or http) and not udp.dstport ==
for a network interface includes the obvious “Unicast” 1900
data addressed only to it, “Multicast” data sent to This example demonstrates the display filtering
multiple nodes on the network and “Broadcast” data language. It accepts the usual comparison and logical
sent to all nodes on the network. expressions written using English keywords or C-like
However, data that would not normally be received symbols and you can use parentheses to build
PRO TIP
can also be of interest when you are sniffing about compound expressions. As you write your expression,
You can create rules
and you can tell a network interface to accept a drop-down list shows possible values based on based on captured
everything that it receives by enabling its so-called what you’ve entered. You’ll notice from our example packets for various
“promiscuous mode”. that you can’t always use the protocol name but there firewalls including
iptables. Right-click a
A promiscuous interface will see everything that are other tactics you can use like we have done to packet and select Tools >
arrives at that interface but that isn’t necessarily include SSL and exclude SSDP. Firewall ACL Rules. You
everything on the network. If it’s connected to a port Another use for display filtering is to add emphasis can build rules that either
accept or drop the
on a network switch then it may only see the traffic to captured packets by displaying them in different selected packet.
emitted from that port. So, what you can see also colours according to defined “Colouring Rules”. A
depends on where you look. number of default rules are provided, but you can alter
Wireshark enables promiscuous mode by default, them to suit your own requirements (select View >
but you can control it with a check-box on the Coloring Rules from the menu). You can import and
“capture” page of the Edit > Preferences box. export rules and there are user-contributed profiles
available at wiki.wireshark.org/ColoringRules. The PRO TIP
Sniff, sniff… Import dialog has a button that imports the Global Filter expressions are
described in the User’s
OK, so you’ve captured some data. Let’s take a look. Colour Filter File, which contains the default rules. guide. See section 4.13
The first packet captured receives a time-stamp of Another way to apply colour filters is by for capture filters and 6.4
zero and all other packets are time-stamped relative to conversation, or all the traffic between two endpoints for display filters.
the first. These values are displayed in the “time” field – the protocol-specific places between which the
by default, but you can change this to regular traffic flows, such as the IP address and port at each
date-time values by selecting View > Time Display end of the HTTP request made when you browse a
Format from the menu. website. You can colour the conversation that
Captures usually contain a lot of data, so the first includes the selected packet by pressing the Ctrl key
thing worth doing is to apply some filters to make it along with a number key.
easier to see what’s interesting. The “Filter” box is You can right-click on a packet and select Follow
beneath the toolbar and you can enter basic TCP Stream to display the conversation it’s part of.
expressions to filter what’s displayed (there’s also a This opens a separate window that displays the data
capture filter but it’s best to capture everything while within the entire bi-directional conversation, but you
you’re learning how to use it). can filter this to view either direction.
To begin, let’s sniff out web browsing activity. Enter There are other displays that list and categorise
“http”, the protocol used for web traffic, into the display conversations (Statistics > Conversations) and
filter box in the toolbar and then press the Apply endpoints (Statistics > Endpoints), plus many others
button (you need to use lower case in the filter even that you can explore.
www.linuxvoice.com 111
� MASTERCLASS NETWORK SNOOPING
SNOOP WITHOUT A GUI
WITH TSHARK
When you need to capture packets from a server, you need a tool that works over SSH…
S
ometimes you may want to use a packet
JOHN LANE analyser on a server or other machine where it
isn’t practical to run a GUI application. Perhaps
you want to capture packets on the server for later
analysis with Wireshark back on your desktop, or you
just want to perform some quick checks right there on
the server. Command line tools exist to help in this
regard and Wireshark’s command-line cousin, tshark, is
one of these.
It’s usually packaged separately so that you can
install it on servers without the GUI dependencies.
Debian users should look for the tshark package,
whereas it’s wireshark-cli on Arch. Capturing has the
same privilege requirements as the full GUI version
(be root or add your user ID to the wireshark group).
You can run it straight from the command line and, The Wireshark website is a good reference for information.
by default, it will list the captured packets to the There’s documentation and a question-and-answer
screen. However, it’s more useful to write the capture system that you can use to ask for help.
to a file:
$ tshark -i eth0 -w capture.pcapng given to Wireshark tell it to start capturing immediately
from standard input.
Tunnel it One thing to consider is that you’ll need to restart
Another way to use tshark is through an SSH tunnel. tshark if you stop the capture in Wireshark. This is
This lets you monitor a remote server in real time with obviously easier with the named pipe method
Wireshark. It’s a bit convoluted, but goes something because it doesn’t require restarting Wireshark as well.
like this: When capturing remotely, you can pass parameters
$ ssh myserver ‘tshark -f “port !22” -F pcap -w -’ | wireshark -k -i on the tshark command-line to filter the capture and
- reduce the amount of data passed over the SSH
This assumes that you can log in to the server tunnel. Both tshark and Wireshark delegate packet
without needing to enter a passphrase (ie your SSH capture to a separate utility called dumpcap. This is
agent has cached it). If that isn’t possible, an the part that runs with root privileges, and you can use
alternative method is to use a named pipe: it directly if you don’t require the post-capture features.
$ mkfifo /tmp/myserver You can replace tshark on the command-line like this
$ wireshark -k -i /tmp/myserver & $ ssh myserver ‘dumpcap -f “port !22” -P -w -’ > /tmp/myserver
$ ssh myserver ‘tshark -f “port !22” -F pcap -w -’ > /tmp/ The other way to use tshark is to do packet analysis
myserver directly on the server. You can do this while capturing
The arguments tell tshark to ignore traffic on port or by reading in a capture file, for which you use the -r
22, otherwise we’d get the SSH tunnel in our capture, argument:
and to output in pcap format, because that’s what $ tshark -r capture.pcapng
Wireshark expects on standard input. The arguments You can apply display filters using the -Y argument
using same syntax as Wireshark. The -f argument we
used above is for capture filters; this has no effect
Capture file formats when reading a capture file. There’s also a -R
argument for a read filter, which discards unwanted
The traditional packet capture file format is You must use the pcap format if you’re packets read from a file.
called pcap and there are lots of applications using pipes, because neither Wireshark nor
that use it including tcpdump and Wireshark. tshark can read pcap-ng from a pipe. You’ll
There’s also a next-generation format called get an “Unrecognized libpcap format” error Options by example
pcap-ng, and Wireshark, tshark and dumpcap message if you try to do this; it’s why we tshark has no interactive mode, so you need to know
use this by default. It’s recommended to use specified the format in the SSH examples. in advance what output you want and describe it
the .pcapng file extension for these to Wireshark includes a utility, editcap, that can using the command-line options. This is best
differentiate them from the .pcap file format. convert between these formats.
described with an example.
112 www.linuxvoice.com
� NETWORK SNOOPING MASTERCLASS
Real uses
Network sniffing might, at first, appear to be a nefarious
activity, but there are legitimate reasons to do so. Here are
some examples of things you might find:
Consumers of unwanted network bandwidth.
Malware.
Misconfigured network devices.
Inappropriate network traffic (hack attempts, etc).
$ tshark -i eth0 \
-f “tcp port 80 or tcp port 443” \
-f “host www.linuxvoice.com” \
tshark can capture
-w capture.pcapng \ Most wireless traffic is usually encrypted, and you
packets, filter them and
-z follow,tcp,ascii,1 need to supply the passphrase to decrypt it. The -o write to a file. When it’s
We’ve broken the command across multiple lines to command-line option allows various options to be set, done, it can output details
make it more readable. It begins with -i to select and we can use this to supply these credentials. The of the capture. Here we see
which interface to capture on. This argument can be following example demonstrates this with a sample the beginnings of a web
repeated if you want to capture on more than one capture file that you can download: request.
interface. You can list the available interfaces with $ curl -o sample.pcap ‘http://wiki.wireshark.org/SampleCaptures
tshark -D, which outputs a numbered list. You can ?action=AttachFile&do=get&target=wpa-Induction.pcap’
specify interfaces by their name or number. $ tshark -nr sample.pcap -o wlan.enable_decryption:TRUE -o
Next, we provide capture filters. These use a “uat:80211_keys:\”wpa-pwd\”,\” Induction:Coherer\”” -Y “http”
different syntax to display filters, which comes from The capture is from a wireless network called
the underlying libpcap library. First, we specify HTTP “Coherer” that has a WPA2 passphrase of “Induction”.
(port 80) and HTTPS (port 443) to see only web traffic. The options we set enable decryption and supply
Then we restrict our interest to a specific host. those credentials. The values given in these
We then use -w to write out output to a file for later arguments are those you’d see if you looked at the
perusal with the Wireshark GUI. The last argument preferences stored in the ~/.wireshark directory that
requests a statistics report and is equivalent to the Wireshark creates. You’ll find the wlan values in a file
“Follow TCP Stream” function in the GUI. The called preferences. The uat (User Access Tables)
conversation is written to the terminal when we end values are different – you’d find those values in the
the capture (Ctrl+C). specified file which, in this example, is 80211_keys.
If there is a preferences directory on the machine
It’s in the air running tshark then it will use it. You may find it easier
It’s quite likely that the traffic you want to analyse is to configure Wireshark to your requirements and then
wireless and doing so is entirely possible but a little copy the preferences directory to where you want to
more difficult than sniffing copper. run your capture. See the “IEEE 802.11” panel on the
If you capture packets from a wireless interface, Wireshark preferences screen. Decryption is only
you’ll only see data after connecting to the wireless possible if you capture the authentication handshake,
network and then only what’s intended for your so you need to start capturing before an endpoint
interface (promiscuous mode has no effect). But authenticates with the access point.
PRO TIP
there’s more – the wireless network protocol, called
Beware the permissions
IEEE 802.11, uses its own data packets to operate the Other tools set on your Wireshark
network, and you can see these as well as all the data The library that Wireshark and many other tools rely on preferences files,
belonging to other users of the network. You just need for packet capture is libpcap. It originated as part of a especially those
containing encryption
a wireless interface that can be put into a special command-line packet analyser called tcpdump that’s keys, because they’re
“Monitor” mode. been the long-standing capture tool of choice on world-readable by default!
Many interfaces don’t allow monitor mode but UNIX-like systems. You can use tcpdump instead of
some allow a second device node to be created called tshark or dumpcap for packet capture; it understands
a “Radio Tap”. One such interface commonly found in fewer protocols but is more likely to be available on a
laptops is the Intel Pro Wireless 2200 that uses the UNIX-like system without installing additional
“ipw_2200” Linux kernel driver. If you have one of packages, so it’s worth knowing about. You can pipe
these, you can enable a radio like this: its output over SSH to view in Wireshark; follow our
# echo 1 > /sys/class/net/wlp6s10/device/rtap_iface earlier examples but replace the tshark command:
# cat /sys/class/net/wlp6s10/device/rtap_iface tcpdump -U -s0 -w - “port !22”
rtap0
# ip link set rtap0 up John Lane provides technical solutions to business
You can then capture all wireless data from the problems. He has yet to find something that Linux can’t
solve.
radiotap device (rtap0 in the example).
www.linuxvoice.com 113
� /DEV/RANDOM/
Final thoughts, musings and reflections
Nick Veitch
was the original editor
of Linux Format, a Treadmill desk for
role he played until he staying fit during
got bored and went Mister Spooky
the cold winters and
to work at Canonical (and friends).
hot summers.
instead. Splitter!
Happy Hacking Walls of text
T
he recent Mobile World Congress in keyboard, USB
touchpad, and x2x for
Barcelona had a lot of good success dual-screen input.
stories for Linux, one of the coolest may
be the “Runcible” (Edward Lear would have been My other half
Ever-growing stack
hard at work
proud), a sort of round not-a-phone, not-a tablet, of Ubuntu phones
(together, we’ll
bigger-than-a-watch. The idea behind it is (six so far).
save the world!).
apparently to challenge the conventional
aesthetic of modern mobile gadgets. Well, job
My Linux Setup Selene Scriven
done! It seems to run on the Firefox OS, which is
of course Linux, as it runs on a Linux kernel.
Cyanogen also had loads of new
announcements. This must be one of the most Free software generalist, currently doing QA for Ubuntu.
exciting new open source startups for some time
– growing from an online community of What version of Linux are you dollar servers.
modders to a hugely popular alternative to using at the moment? These days, I find myself tearing apart
Android, and now a fully-fledged company with Ubuntu! It’s good on the desktop, brand-new Ubuntu phones to find bugs
partners choosing Cyanogen over Android in the and excellent as a server. and measure performance, while also
first place. It will be fascinating to see the take-up trying to build the technological plumbing
of the Alcatel Hero 2+, which will ship with And what desktop are you using? for community efforts both inside and
Cyanogen OS installed, and not a Google app in Unity, presumably… outside of Canonical.
sight. Things like Maps, Google Play, Hangouts Sawfish, because it’s the only
etc will necessarily be missing, so we might get a real-time programmable UI I’ve What Free Software/open source
taste of how much of Android’s draw is the found that can handle 300+ simultaneous can’t you live without?
ecosystem rather than the interface. windows (useful if you only log out once Urxvt, zsh, Dillo, Vim and Python.
The old stalwart WebOS was still in evidence or twice per year). Lightweight and powerful! They
too, not only on a selection of TVs, but also on account for about 90% of my windows
some new, more conventional, watch prototypes. What was the first Linux setup and 90% of my code.
These things are all Linux (even Android), you ever used?
which is good. But are they Linux enough? It is Slackware 96, then Red Hat, Debian, What do other people love but
one thing having a watch that runs Linux, but if and now Ubuntu. Tried many others you can’t get on with?
you can’t hack together a Bash script to pipe along the way. In nearly two decades of Full desktop environments (Gnome,
filtered IRC notifications to it, is it really Linux? I doing free software for a living, there have KDE, etc), Systemd, and anything
suggest we start a Campaign for Really Useful been a lot of adventures… from making else which doesn’t follow the UNIX
Linux. At the bare minimum, in addition to a last-mile mesh networks high-up on radio philosophy. I get the feeling the future is
Kernel, a really useful Linux OS ought to have a towers to building a working prototype of going to be even more interesting than
terminal. You know where you are with a DARPA’s next deep-sea unmanned what we’ve already been through. We
terminal (usually somewhere in the 80s, submarine, from teaching Eskimos how to survived the prelude… but with free
but in a good way). Future gadget makers make a meagre living on the internet to software becoming a major force in the
take note… getting paid for breaking multi-million world, the real story is just beginning.
114 www.linuxvoice.com
�CC-BY SA
��