Tabla de contenidos para No. 179 en Linux User & Developer

This issue » The best live booters for your toolkit, p18 » The White Hat’s guide to IoT exploits, p50 » Blockchain takes on banking, p60 Welcome to the UK and North America’s favourite Linux and FOSS magazine. We start this issue off with a somewhat loaded question: Is Microsoft about to invest in Canonical, the company behind Ubuntu, the most popular Linux distro on the planet? It’s become clear that Canonical’s change of heart over Unity had much to do with dropping loss-making projects in a bid to court outside investors for a race to IPO. A Microsoft investment would make sense given the way that Ubuntu and Azure, Microsoft’s cloud computing platform, have been working together in so many ways over the years: Ubuntu was first on the…

As far as updates go, the Linux 4.11 kernel update is one of the biggest yet to come from Linus Torvalds. “So after that extra week with an rc8, things were calm, and I’m much happier releasing a final 4.11 now,” said Torvalds in an official blog post. At the top of the update list is improved support for swapping solid-state disks; there’s also official support for OPAL self-encrypting disk drives. For business users, the integration of Intel’s Turbo Boost Max Technology into the kernel will be a major plus, as it’s ideal for automating several key components of your CPU, and tailored to work well on low-resource machines. Virtual machine support has also gained some much-needed attention, with Shared Memory Communication over RDMA allowing for quicker communications between machines.…

Top 10 This month It’s been an up-and-down month for distros, with frontrunners Mint and Debian continuing to build a lead. Can any other distro offer a challenge next month? Highlights Mint The Mint team provided a series of stability improvements this month, helping to polish off some of the smaller bugs that had played havoc with elements of its default KDE interface. More improvements are expected later this year. Antergos Despite only recently launching a new update, Antergos has slightly dropped in this month’s listings.Teething errors have plagued the latest update, so further work needs to be done. CentOS Initial feedback for CentOS’s new update has been good, helping the distribution slowly gain a following. It remains a great choice for Red Hat Enterprise Linux users. Latest distros…

When shell scripting, it’s handy to perform an action on a list of items. We can do this using a for loop: ITEM_1 … ITEM_N is a space-separated list of items. The commands between do and done are executed for each item. The first item in the list is assigned to the variable, then the code block is executed. The next list item is then assigned to the variable and the commands are executed again, and so on until we reach the end of the list. Here’s an example script which shows how a for loop works. To run this, save it as, say, colours.sh, make it executable with chmod +x colours.sh , and then run it with ./ colours.sh. We have three items in our list. For the first…

This is the second part in a series of Erlang tutorials that talks about OTP, the most important part of the Erlang programming language apart from the language itself. This tutorial will begin with the necessary theory in order to let you understand what finite-state machines are and why they are so important that OTP has a dedicated behaviour for supporting them. Then, the Erlang way for supporting finite-state machines, which is the gen_fsm behaviour and the gen_fsm module, will be explained in more detail before you start developing actual Erlang and OTP applications. Next, the Erlang code of two handy and representative examples will be presented. The first one implements a finite-state machine with only two states; the other example implements a finite-state machine with three states, in order…

What you’ll need • Minecraft www.mojang.com/games • Python www.python.org • McPiFoMo http://rogerthat.co.uk/McPiFoMo.rar • Minecraft Turtle http://bit.ly/MinecraftTurtle Minecraft’s ‘Creative Mode’ is indeed a great mode to get creative with, but it’s a time-consuming job placing blocks down into your world one-by-one. That’s why we put together a package which incorporates a range of modifications that enable us to execute Python scripts directly into a Minecraft world. McPiFoMo includes MCPiPy by ‘fleap’ and ‘bluepillRabbit’ of https://mcpipy.wordpress.com, and the Raspberry Jam Mod, developed by Alexander Pruss. We’ll also be using Minecraft Turtle, which was put together by Martin O’Hanlon of http://stuffaboutcode.com. That’s a lot of mods, but together they allow us to do with Minecraft on Linux what would usually have only been possible with the Raspberry Pi edition of Minecraft. As a…

https://cloud.google.com/vision/docs/common/auth "Plotly will generate visualisations of data" Why Python? It’s the official language of the Raspberry Pi. Read the docs at python.org/doc. “In several past articles, we looked at ways that your Raspberry Pi could be used to do data collection. This might be a scientific experiment, or you may be running a weather station, or some other monitoring system. In any case, we had focused on how to do the actual data collection and had not really looked at how to make it useful or interesting for any humans who might be checking in on the system. This month, we will look at one option available to handle the visualisation of all of this incoming data, namely the Plotly module. Plotly provides a very robust set of functions and…

You may not have considered the need for an address book separate from your email client (or nowadays, your mobile phone’s email client). And XML is sometimes seen as a clunky legacy standard, but for holding address data it’s a sensible format, and adx gives you a simple (easy to edit) text format, easy web access and a very light, minimal load on your disk space and system resources. If you’ve decided that your contacts should be listed on a server under your own control, not some internet company, then adx is also worth a look. It works well in Firefox, but Chrome users will need to work around security restrictions to run it. You can export all of your contacts to one VCF file – for backup, or transferring…

The best distros and FOSS Essential software for your Linux PC Professional video tutorials The Linux Foundation shares its skills Tutorial project files All the assets you’ll need to follow our tutorials Plus, all of this is yours too… • Download all the IT security tools that are covered in our White Hat's guide to the Internet of Things, including Binwalk,Checksec, Radare2 and Zap Proxy • Enjoy 20 hours of expert video tutorials from The Linux Foundation • Get the program code for our Erlang and Pi tutorials Log in to www.filesilo.co.uk/linuxuser Register to get instant access to this pack of must-have Linux distros and software, how-to videos and tutorial assets The home of great downloads – exclusive to your favourite magazines from Future Publishing Secure and safe online access,…

1 Bacula When it comes to an all-in-one package for backing up your computer data, Bacula is hard to match. It’s perfectly tailored to use on low-resource machines due to its minimal build, but is powerful enough to automate the entire backup process for you, saving you time and effort. 2 Areca Areca is without doubt a little complicated to set up, but remains the perfect choice for users wanting to back up multiple files simultaneously. It’s also remarkably versatile, enabling you to tailor it to the requirements of your system. 3 UrBackup Automation plays a big role in UrBackup, and it’s ideal for business users. Timed backups are easy to create in UrBackup’s attractive UI, enabling you to effortlessly transfer your files online. 4 Box Backup Box Backup is…

Integrating wireless connectivity directly into the tiny Raspberry Pi Zero was always going to be a big deal, so it’s no surprise that 250,000 units of the Pi Zero W have already been sold. It’s an impressive feat, and early indications show that by the end of 2017, it’s likely the Pi Zero W will have sold more than 500,000 units. However, the one downside of the Pi Zero W has been its limited availability, primarily due to a lack of core distributors. The latest news to come from the Pi Foundation is that 13 new Pi Zero distributors have now been added. With the announcement of the new distributors, the overall reach of the Pi Zero W is set to be massively increased. Many of the new distributors will…

“Centralised social networks were famously described as “spying for free” by Columbia University law professor Eben Moglen, who, among many things, helped defend Phil Zimmerman, the creator of Pretty Good Privacy, against the US government in the mid-1990s. The decentralised or federated model is popular among free software and privacy advocates for good reason: it’s generally non-commercial, open source and returns privacy controls to the user. Mastodon, which is built on GNU Social, is the latest in a long line of decentralised platform launches – from Ident.ica back in 2008 to Diaspora and others – hoping to carve a big enough slice of the social pie to kick-start a social media revolution. Mastodon scales by allowing anyone to set up a server, or ‘instance’, that can link to other instances…

01 Download the ISO The JonDo/Tor-Secure-Live-DVD ISO can be downloaded from http://bit.ly/JonDo. The release itself is about 1.2GB in size, and includes a SHA256 hash on the site. You should verify this before installing to ensure that the file hasn’t been tampered with (this is good practice, but particularly important with security-related distros!). Doing so is as simple as using the sha256sum command, followed by the filename. If the checksum doesn’t match, don’t use the image! An OpenPGP signature is also available on the page for additional security. 02 Select firewall mode Upon booting the ISO, you’ll first be asked to select a firewall mode. Three options are available: the ‘Simple Firewall’ blocks all inbound connections but allows all outbound ones. All installed applications will be able to connect to…

Twitter, the home of microblogging, has problems. In short, people just cannot help sharing offensive comments and material. It’s a home for cyberbullies, not to mention terrorist sympathisers. The idea behind Twitter is great; the problem is moderation. So wouldn’t it be great if Twitter could be moderated in a more effective way? Based on GNU Social, Mastodon offers a possible solution: community-based moderation. To achieve this, Mastodon – a microblogging service like Twitter, but with a 500-character limit – runs on your own server, or ‘instance’. The result is a local social network that can be administered with its own rules and account privileges. Posts can be shared to other (or all) instances, or kept local. Individual users, meanwhile, can specify privacy settings for each post that they make.…

In all the hype around Bitcoin, the real story – blockchain technology – has struggled to be heard outside of tech circles. There are a number of interesting open source blockchain projects (see Opening the Blockchain box, below), but the fastest growing is Hyperledger. Under the watchful care of the Linux Foundation and with strong backing from IBM, it’s built for real business use. Hyperledger enables the same anonymity, trackability and security as Bitcoin, but allows the construction of private blockchains with membership services and assigned roles. Fabric is the first Hyperledger implementation to be released from incubator status. We caught up with IBM’s Chris Ferris – who sits on the project’s governing board, as well as helping to manage the release process for v1.0 of Fabric – about the…

“SD cards do not last forever. Flash storage has a limited number of read/write cycles” What you’ll need • USB storage device • Ethernet cable At some point during the lifetime of your Raspberry Pi, you are likely to encounter a problem with your SD/microSD card. If you’re lucky, this will be minimal; perhaps a reboot will fix it. If you’re unlucky, it could mean the end of your SD card, and the loss of all data on your Pi, including your latest project. The simple fact is that SD cards do not last forever. Flash storage, by design, has a limited number of read/write cycles. While error-correction software is built-in, and cards ship with larger-than-described storage to cover damaged blocks, eventually corruption will cause a problem. SD card corruption…

In this article, we focused on using Plotly in the offline mode so that we could use the Raspberry Pi even when there is no internet access. However, Plotly was designed as an online service that handles the plotting of data on its servers. In order to do this, you will, of course, need to be connected to the internet, and you can use the plot and iplot functions from the main Plotly module. In this way, you can have your monitoring project set up as a headless machine and be able to check on the status from anywhere in the world. You will need to have an account at the main Plotly site (https://plot.ly). The free account enables you create plots, but they will be public. If you wish…

“You’ll get all the joys of what KDE offers, so things like simplicity and usability are at the forefront of Maui” RAM 1GB Storage 15GB HD space Specs 128MB VM 1.6GHz Intel Atom CPU (Recommended) Despite Ubuntu no longer being the only distribution (distro) for Linux newcomers, it hasn’t stopped an array of emerging distros based on it. One of the newest on the scene is Maui Linux, based on Netrunner (which is based on Ubuntu, which is based on Debian) but with an all-new focus on KDE at its core. Since its initial release, the distro has gained a small following, but its recent 17.3 release has promised big changes. Installation hasn’t changed much since the initial release of Maui, and still focuses on the Calameres installer. Now updated…

There is plenty of code that has been abandoned. Like the undersea parts of an iceberg, it makes up the majority of open source code available, but lies unnoticed, hidden in old repositories. Not all of it is without merit, and occasionally someone will dust off decades-old source code and get it working again. Oleo was a spreadsheet that had its heyday long before OpenOffice came along, before even the Gnumeric spreadsheet, when office functionality was a weakness for GNU/Linux distros and the GNU project developed various pieces of office software. Oleo was started in 1992 and came to a halt in 1999, just before 2.0 was released. Neoleo is a relaunch by Mark Carter – you could read it as neo (new) Oleo, but ne- is Esperanto for ‘not’,…

Use our intuitive Control Panel to manage your domain name Featured host:  www.thenames.co.uk 0370 321 2027 About us Part of a hosting brand started in 1999, we’re well established, UK based, independent and our mission is simple – ensure your web presence ‘just works’. What we offer • Free email accounts with fraud, spam and virus protection. • Free DNS management. • Easy-to-use Control Panel. • Free email forwards – automatically redirect your email to existing accounts. • Domain theft protection to prevent it We offer great-value domain names, cPanel web hosting, SSL certificates, business email, WordPress hosting, cloud and VPS. being transferred out accidentally or without your permission. • Easy-to-use bulk tools to help you register, renew, transfer and make other changes to several domain names in a…

Despite it being close to five years since its last update, GRUB continues to be one of the more popular bootloaders. GRUB 2.02 is now ready for release, and boasts an impressive changelog to boot. At the centre of the update is a new filesystem front-end, with Coreboot CBFS now being a central element to the tool. There’s also been an overhaul in the primary graphics menu, allowing for easier control and navigation of existing tools. However, at the time of writing, the menu can be a little awkward to get working. Aside from this, users will find better support for both FreeDOS and Arm64 EFI, while there are also multiple upgrades to existing ZFS integration – enabling better file storage options to be refined. While an official release announcement…

“Linus Torvalds announced Linux 4.11, noting that toward the end of the development cycle “things were pretty calm”. There had been a one-week delay (and an extra -rc8 beyond the common rc7) due to a few outstanding bugs, in particular related to NVMe (Non-Volatile Memory Express) storage devices, which are now common on contemporary Linux laptops. The 4.11 kernel includes many new features, as well as pre-enablement for work that will be completed in the ongoing 4.12 cycle. An example of the latter is support for Intel’s ‘la57’ (five-level paging) feature on some future CPUs that will allow for up to 56 bits of Virtual Address space (128 pebibytes – a pebibyte is 250 bytes, a lot more RAM than most of us will see for many years to come).…

There’s no better way to get your message out to an audience than by using a digital display. Whether you want to display menu boards at restaurants or schedules at a conference, a digital signboard will get your message across conveniently. Thanks to the dipping prices of flat-panel monitors, a digital display is cheaper than traditional signage and offers several benefits. You can use it to display multiple bits of real-time information and it can be easily reprogrammed to show a different set of information at the touch of a button. Concerto is an open source piece of software that is designed to manage content on digital signboards and broadcast it to multiple displays from a web-based interface. The software can display multiple types of content, including static images, text,…

Creating good-looking cross-platform user interface designs has always been a challenging task, but given that Nokia intended Qt to act as a cross-platform UI development toolkit for various consumer-oriented mobile devices, the ability to create svelte-looking user interfaces was paramount. Since QtGUI wasn’t ideal for mobile apps, Nokia’s answer was QML. The principles behind it are simple: a JavaScript interpreter is tacked onto the user interface stack, permitting developers to reuse some or all of their knowledge when working on mobile apps for various platforms. In addition, the Qt runtime is accelerated as it can make use of the browser’s rendering infrastructure already found on the mobile device. Controls are constructed by combining the various graphical primitives; the widget can then be used as a constituent for other user interfaces.…

"The Tough Pi-ano had to take punishment all day long" Bryan McEvoy is an automation engineer by trade, which has given him the chance to design and build some pretty incredible things. Like it? The Tough Pi-ano is just one of a number of musical instruments that use the Raspberry Pi at their core. Another popular one is Dave Sharples’s Joytone (http://www.davesharpl.es), which combines Pi units and a plethora of ambient sounds in one unique package. Further reading Bryan has been kind enough to detail the entire build process of his Tough Pi-ano unit over on his site (http:// www.24hourengineer.com). While you’re there, take a look at some of his other projects, many of which use the Pi in some rather unusual ways. Keeping it tidy Due to the number of…

What you’ll need • Wi-Fi enabled Raspberry Pi • Parrot Drone 2.0 (or other) Drones are becoming ever more popular and mainstream. You may already be aware that Amazon is currently working on using drones to deliver packages directly to your house within hours of you placing an order, creating a new requirement for them to be autonomous and programmable. This tutorial offers a little taster of a Python module which enables you to write and deploy programs to your drone. The API used is now a few years old (2014) and supports operation with Python 2.7. However, it offers a number of simple methods for beginners to create their own programs and spark your curiosity. The tutorial begins with a quick walkthrough on installing the required software and libraries.…

We live in a data-driven world, where persuasive arguments come from those who can show you a convincing graph making the data and its implications clear. With a little bit of Python, Bokeh will quickly give you lovely graphs ready to embed in reports – or produce them in Jupyter notebooks showing your work in context. Installation is simple with your favourite Python tools: pip3 install or use conda if you have an Anaconda setup of Python and its scientific libraries. The documentation will get you started quickly, walking you through several different types of examples, but you may first want to head directly to the gallery page of the official Bokeh website to see what can be achieved. Bokeh’s strengths are interactive displays, working with very large or even…

Pronounced Conch, like the shell, Xonsh is a drop in /bin/bash replacement that gives you a Python shell, as well as the usual sh and bash functionality. This makes it easy to perform simple scripted tasks on the fly, entering short but multi-line snippets of Python code (pictured right). The occasions where something would carry a different meaning in Python or Bash are handled quite well. For example, ls -l is a long list in Bash, and typing it in Xonsh will give you that listing. However, first define the variables ls and l, and Xonsh will now take ls -l (with or without spaces either side of the -) as a subtraction. Delete the variable ls, and your list functionality returns. Installation is straightforward, with pip or conda. The…