Reviewed: intel core i5-8400 CPU Build your own distro Create a perfect openSUSE build with bespoke desktop and apps
Coding Academy: Reboot BBC BASIC and Kotlin
Get into Linux today!
Ubuntu 17.10 customise it! Craft the all-new Gnome desktop to work exactly how you want
64
Pages of Linux & Pi projects
Review Motor controller Reviews s Xxx
Tutorial Node-RED
Pi user
Mot e oZero g D: Us deinRE No mm Wi-Fi jathe GPIO pins B ming WiFi Jam Tutorial
Evil genius Les Pounder offers four-wheel drive! takes a look at an entry-level motorGivin g you that controller No terrain is safe from his nascent robot army!your fill of delicious uilding robots with RACHEL your
pesky rists and In brief... Raspberry Pi is incredibly t. cyberterro popular and not a day Designed for on your goes by safe from jamming scrip without a new robot this script the Pi Zero range, to stay being ’s Wi-Fi . Consider nd running but simple upon the world. Moving fromunleashed acompatible recomme you a way McInerney battery legal wrangles a simple can createwith strongly all 40-pin two-wheeled robot, avoid any a portable shows us how we We also e offers often with a Pi and g Dan area, to Les Pounder .com/ GPIO Pis, this is isolated Node-RED. balancing caster at just needs en for your thepihut the head of the Pi in an Python? Nate Drak by harnessin enables an entry-level kit Who some men (https:// in a touchscre our Raspberry Pi using based which true on robot and powered Knight, 3752), the GPIO investing to by a single H-bridge the BattBorgt=110379 around two is especially The Dark such ascontrol motor controller, is wardrivers interface notes in discover burn. This robust L293D web g?varian solution often seen as s Alfred who first the world batteries. /battbor that are used to
A
LANCAST is head ER of sales and channels at the micro:bit Educatio Foundati nal on.
W
till the Jammin’
Our t exper
A
h jam is throug
Our expert
BrailleB ox Mm m, JAM!
Bereft of instructions
Pi-powered
You need
Martin Woodward enters the lion’s den to talk FOSS Sysadmin
Roundup
Monitor your servers with our admin secret sauce
Can’t stand Gnome? Install your own desktop
Administeria
Custom desktops
tutorials.
P
Get building
D
Features at a glance
ep article propositio step-by-st ly powerful s. See the by argument isn’t particular devices device using these ticating the wireless joy deauthen sent during If your have more of packets you may the number increasing
64 LXF231
r 2017 Decembe
GPIO into monitor interface Raspberry . Pi’s mode r.py -i mon5 monitor wifijamme python 2017 m xformat.co www.linu
62 LXF231 December
LXF231.pitut1_gpio.indd
62
60 LXF231
www.techradar.com/pro
www.linuxformat.com 15:00 02/11/2017 LXF231.pirev1_moto.indd
61
27/10/2017 16:53
braille.
Verdict
ts argumen Wireless
If we can improve performance by 0.05%… it justifies us having engineers improving the kernel
Pi news , revie ws and
Pi-powered comp to stren gth in Westuter labs go African from stren classroom gth s.
Legaling warn
Microsoft Man
Raspberry
Educat world wing the ith Pi
Welcom e...
motor controllers. daunting, because now watch kiddies’ highproducts the screen are the nodes there’s a Pi on regular want to nable ‘script exuberance and editor. To the left of This means tools run your requirement for more is where we create a Raspberry Pi, few years you to the first project. The centre the GPIO ondigital motors and for impressiowith youthful there’s plenty of ago my To the write the code for a hen we think of using and run off as are the in this or code sequences. another H-bridge. changed life algorithmspower download tools. Filled of Python. However, to laugh for smallthinksettings . A new your “flows”, which are our we instantly on a node; The MotoZero hacking default – job role they eagerly would be easy doing they can meant it’ll detect toinformation to use Node-RED medium-sized scripts introduce controller provides the one Info provides drinks, First, how This er’s I was in so an single-bo words, control and right are three tabs: tutorial we’ll energy a bomb. alternative and easy-to-use a flow progresses; robots they find. asrequiring fact that ard computeresponsible for In other The wifijamm exploding language from nodes devices – to for IoT for the board. electroni the greatest an interface. Debug provides output and programsyouth, if not four-wheel and modifyDesigned which tisofa graphical ish detect to createdrive. primarily for the Pi cs hobbyist rs and tools network from equivalen of can tab is usedThe wireless GPIO. the nightmar which Zero range and for wireless makers. kit is while the Dashboard to input/output the follies ble damage. over every of boards, the MotoZero a rather it er respond injection because This was s and digital strongest simple lly hop can be used packetthis project is quite compatible wifijamm second a had no information dashboard. cause considera we’ll be exploring sequentia to On the The circuit forthen and with other 40-pin GPIO experienc bit daunting y Pi named that supports with many targets.LEDs (outputs) It’ll Pi, but be to control within tion module APs. In this guide the Raspberr e of electroni as I coding. ofon using Node-RED is (AP) and mindful of the tight perPithe focuses and identify Build and client manipula programming It’s fair circuitif as number points space between the script for second (inputs). every AP the – your art of the my Raspberr to say I didn’t cs or Python scapy packet ticate to button presses range on access to languages will be our interface motor 3toand 4 screw reacts each channel your Raspberry Pi. magic withinup know attacks the dashboard thatthanks terminals and the power, use of the y are forced ready to deauthen surround come Pi are the you’re these. Pi, but then with We start by building to an and tication makes APs Three years Pi from my Arduino. it’ll tryand when and GPIO “+ group” USB The MotoZero is a diagram and Ethernet ports. ing the Any clients ‘handshake’ tab easy select pass unexpect the Raspberry and deauthen on attack simple yet effective Nate Drake Dashboardpin Raspberr e area. later and stories Pounder to an reference. only a veryNodeLes this claim that comes pre-installed the GPIO. Click the board perform If new clients won’t hardware and how click Update. also detect broad and Node-RED g a virtual then MotoZero can manage that appear, ed and astoundi y to beoffers flexibility I stillin its retreatedlocation install thehavoc range. possible it can be controlled. LXF Controller, then is a freelance in the immediat say – it’ll we first need towreaking up to four all t, performin ng without areas but an expert in any don’t none of press Edit. Call the group clients to holdat running Les are extremely offshore we start writingiscode on this the move, which before which is usedmotors on maker the once, thanks to two flexibility which intent that who works to reconnec script keeps I’ve develope of these us more nodes, give particular is to create a Group, of attack will task while writing L293D This would next drones the the library. Our kind their of the device.low cost, small products attempt someone If why the kit is assembled to with organisations dashboard or to ensure be This motor drivers. The L293D interface. Hover RED d new such as point. on the article for BBC in a set weitneed to be indaline tuning hackercode. Tofine do this that will make our user has been We reported size and his own be West African such as Raspberry platform when see comman the access either, so devices Codebug micro:bit manner. The board to write our without or of the elements and you’ll used used nced around that only are with standoffs you won’tand for some time and it’s inexperie also design is simple, of the Raspbian back in , and leftuse would be educatio to computer channel created LXF Controller function. know that Pi Foundation top can the delivered the script a good an hold the I’ve 2016 for this is iner devices rised, hover be possible Wi-Fi won’t sessions mouse over the newly MotoZero n project with the motor screw to a specific group. Now in our choice to training terminal; micro:bitas the Pi Zero. The run Ubuntulabs in Togo the robots, thanks to its low cost would runthe iconly, wifijamm attack by sound terminals at on using to build librarytowe need to be spy Click it to create a new cyberterro he utilising and built-in opposite dashboard to from controlled Fortunate the forchoice to GPIO “Wireless “+ groups” appear. the of motor as it might Mate (see wireless group intrusive Foundation Raspberr physical controller, protection. BBC micro:bit ends of the board providing desktop. needs. To install network whereupon to the L293D, started boxout The L293D can each inside our home Edit, then rename the limit the tempting teenagers and the maker your computin select LXF216) hidden y Pi to is beard and As a promote 1 in 2012 a ts control See which provides we Group to is all wearable a plentifulg, over clear and secure connection grew . The project 2s to motors to protect skills. details. This Node-RED supply by Dominiqu order argumen directory, vices. following: I’ve run blogs with a continuous current of spares, bring ICT In He by naive to you Update to save the to your kids’ rival Robinson workshop of clients/de of shouldtech attacks. was to students troubled there type the e Laloux, helped Controller and press you manage our first motors. There’s an it’s down at bigl.es. directory. to clean install break the chip. where number To go(below). s and to organise additional screw tab, so now let’s add600mA and supports voltages from hacker Crusoe’s. and teachers and aimed and annoying y Pi with a I’ve 75 per ts” ethical 4.5 need to do in the Dashboard lack card terminal connection, cent of to I gotThe Maker cd ~/.node-red/ LED. to 36V. That’s plenty $argumen to install of intrusive compute in an area to this of aadedicated dedicated for an a Raspberr festival. to control the green of power and type the following command point with r. Five years teachers had and a wireless these kind you’ll need is switch, which is used fromprogramming external power supply set called Inside this directory MATE, never used my friends. library all detrimental about to (npm). aisn’t nodes – you’ll see ascope for budding inventors! It’s for lot on, the the Manager motors, available of Ubuntu the Package help down be or also Node to the board,The proceed, Scroll third compute a built and commun as the Raspberry Pi Dragtothis because Makerthe usefulness access Switch.nice the library using the see that the L293Ds Raspbian is ill-equipped to ity is the of will be a node called IT equipme over 1,000 are r injection. of either the board Dashboard. In there inclusive coolest, supply this amount extends switch settings students labs is the supplied Pi to $ npm i node-red-dashboard nt. Learn in a DIP format, so replacing of packet of power. mostmany and friendlies across double-click it. Change reboot your Raspberry can now capable languages. more at a node to Flow 1, then people default): L293D Once the install is complete, open a bunch with GPIO www.init settings leave asdamaged I’ve ever Using tMotoZero is relatively painless. of is complete. Once rebooted, Zero and ic.be. come across. as follows (for non-referenced Whether RPI.GPIO means that the ensure the installation Coming as a ‘solder we shall Controller] window [LXF in terminal it more new yourself’ Controller In this kit, board can be Group: GPIO formal “dropped such as But the board is nothing the it’ll only take a skilled new terminal window. in” to on product easilysettings the background: In the UK without maker 10 minutes Misuse a service running in Label: Green LED boardsan existing software and the MotoZero forums to construct the MotoZero. start Node-RED as Computer 1 like the project. for comes with The online Raspberr project On Payload [0-9 Number]: MotoZero informall The no specific software. Act (1990) instructions are clear $ node-red start similar to y Pi, or has been 0 forbids Rather, it can be y on Twitter and provide a you’ll see something more specifically d Off Payload [0:9 Number]: events used extensively used with any language After a few moments concise step-by-step robots that compete at like Makerfai or ininperson that can access guide on how to unauthorise Server now running in the at to an Name: Green LED annualres, the GPIO. So for Python has Pi Wars connect itthe of 30 Sep 10:09:30 - [info] event. Cast-iron the response board, even explaining input, we need to construct we can use RPi. been hacking the same. esigned proof and Now that we have our that this GPIO and GPIO Zero that someone by Pi nodes, look is a tough board for A shared http://127.0.0.1:1880/ web browser computers to control the your the BrailleBoAndroid Engineer From the Raspberry delight it into a Chromium is wanting next fighting on to output, our green LED. motors, and it even a dot on the robot! other devices.is for LXF Copy the URL and paste snaps Joe Birch, x was works with Node-willingness to learn the Node-RED the node with a grey genetic fender to give Enter. You’ll now see and This tutorial use for rpi gpio – specifically RED and its GPIO library. penchan inspired by his expertise a simple DroneDe firearms. this to the flow their time 25 Novemb window, then press Controlling a family’s t for poor freely. is an output node. Drag idea: the nal Any model of educational and The Battelle left-hand side. This motor using GPIO Zero articles eyesight. box converts the green LED it entirely There are Cotswold er of conventio was Raspberry Pi into only. Use risk. drag a connector from It’s JAM ............. the end and then click and straightforward, requiring questions no barriers to to physicall braille. The device online news now connected Hull JAM at your own Universit the entry, no The latest rpi gpio node. They’re too stupid .................. y create uses solenoids y of Gloucest switch node to the configuration of the demands -p and AndroidT Leaming rp gpio node. the moving and no .................. pins used for the Raspbian release MotoZero move to editing the too argument ton JAM ershire ........ Hull great. Whether hings braille together, and so we Set the pin motors, and an additional use the There’s need one Milton .................. Central bumps Two LEDs (one To do so, more detailsto power the “enable” pin help debuggin and a new dialog appears. will send Developer: The Pi you Keynes Library .........Leaming attack. Hut software Double-click the node that’s used to enable/disable joe/brai JAM.................. the script fragment Web: http://bit.ly/moto-zero and and finally call the g that code wireless green, one. red) . ton Library llebox-br at www.hac the Type to Digital Output, By default each to clients or you a .. National kster.io/ to GPIO27 and the need motors. For all the motor of widgets, Price: aille-new £10 a good to send <number> Ohm packet Two 220 6 Decemb Museum hithereof connections, will try s-reader tication there’ll supplier Computi tication r script address of node Green LED. er only 12 GPIO pins are can help. Features be deauthen -e86060 is found in the top resistors (red, red, ng, Bletchley Leeds used, leaving the click Deploy, which the deauthenthe argument All people someone who points. the wifijamme to the broadcast Most . JAM .................. To test that it works gold) to skip over 8 /10 access majority use brown, visit enthusias range. and want packet By default of tab the Performance of GPIO pins free especially m want in return r.py -s .................. tication 9 Decemb Open a new browser youbutton that’s within this kind MAC address, IfPush and the or 9/10 is right of the screen. SPI, I2C and UART. wifijamme if for your .. Swallow deauthen you’ll share Ease er of knowledg point (AP) to avoid exactly aren’t use of a certain It’s just a shame see the dashboard Bognor Hill College ly useful sudo python APs e that 9/10 process Easy to momentary every accesssuch packets, to build This will of http://127.0.0.1:1880/ui that these pins aren’t you’ve Regis JAM Value commun what to click it.Pi example, This is particular that your -d to usage learnt. broken out Zero form factor Cornwal green LED switch and and want . certain on the ity is the -d – for 9/10 ................. switch APs ignore advanced you’re project. Look for theSoldering the kit together board for easy access. l Tech most amazingThe :58:79:19 your Pi via VNC resource line argument Bognor The MotoZero is neat so once off. JAM For more including limiting Torbay is a on DF:CD:79 and cost effective. of freeSmall, powerful g to joy.orAll command and attack, Breadboard you need are to trigger the LED to turn seek We’ll er, ts technical Tech JAM .............................. Regis Campus can This The inspiratio ally use the connectin well challenging. MotoZero is a great thought out, offering kit to build and it offers is a great board that’sn and a little more the clear instructions wifijamm you’re support, ithub. now build something For more then you .................. Bodmin automatic put it vulnerable of APs/clien and Six female-toflexibility Let’s to our the output. encourag channel should symmetry easy to construct and Library for many levels of users. ............... and Everyone number to help keep our a little www.ras JAMs near visit https://g theto monitor in Flow 1 that’s separate patience. build into ement. a specific Paignton dashboard, of code mer a new sequence skip this. interface as aticate, jumper jerky r script your should preferable spectrum. male pberrypi you check APs use start wireless the balanced. robot project. The Pi interface, referred make use Library fromrobot a different web The wifijamme is a more deauthen If your they/wifijam out: This basic .org/jam Zero form factor is to use the entire begin with a slider node of it. McInerne n on sudo and inputs to control An internet most powerful this, which /calenda across feedback previous code. We’ll most welcome and If you want ,us example com/Dan out the forwith also target than hopping for informatio provides a rigid mode. provides r connection (right) use -i n pins.
int.indd
60
fill of digita l makin g.
Rating 9/10
Decembe r 2017 December 2017 LXF231
LXF231.pi_
Get your
61
www.linu xformat.c om
27/10/2017 16:48
Plus: Pi User .indd
t2_jamming
LXF231.pitu
64
02/11/2017
15:46
Your 6-page Raspberry Pi companion Build four-wheel drive robots Block and jam wireless networks Node-RED web controlled devices
Welcome Get into Linux today!
What we do
We support the open source community by providing a resource of information, and a forum for debate. We help all readers get more from Linux with our tutorials section – we’ve something for everyone! We license all the source code we print in our tutorials section under the GNU GPL v3. We give you the most accurate, unbiased and up-to-date information on all things Linux.
Who we are
This issue we asked our experts: We’ve been discussing the past RAGE over desktop changes in Gnome 3, Unity and KDE4. What open source or Linux change has caused you red-hot rage? Jonni Bidwell Linux doesn’t make me angry any more. Not even the flaky suspend/resume support that sees my machine crash every couple of days since Kernel 4.13 came out. Not even the fear that installing a new distro is going to wipe out extant GRUB or UEFI entries. These things keep you on your toes.
Nate Drake As an InfoSec Specialist, I was apoplectic about Canonical’s ill-advised move to include Amazon products in Ubuntu’s Unity Dash searches a few years ago. The latest LTS release of Ubuntu also includes Snap packages that have access to all your keystrokes if used with X11 – hardly ideal.
John Knight I’m happy to say that I haven’t had rage over anything OSS – it’s been mild annoyance at most. Can distros bring back virtual desktops, or at least make it easier to bring back my virtual desktop switcher? Oh, you know what? My rage is reserved for Nvidia: FIX THE DAMN TEARING!!!!
Les Pounder My biggest rage is with video editing on Linux. There are many great video editors, such as OpenShot and Kdenlive, but everything I try has bugs and frequent crashes, sometime causing my edits to be lost. Video editing is something that needs to be improved on Linux.
Shashank Sharma I especially welcome changes that are made after copious discussions with the user community, as was the case with GPLv3. However, the initial Gnome 3 announcement, and even Unity were disappointing. I’ve since grown fond of Gnome again, but can’t get past Ubuntu’s casual discarding of Unity.
Gnome sweet gnome People love being passionate and it seems nothing gets people more worked up than meddling with their desktop environment. Gnome 3 was originally released back in April 2011 – that’s over six years ago – and yet people are still posting sweary rants online as if the release had just happened. There was a similarly strong reaction when Ubuntu switched to the Unity desktop in Ubuntu 11.04, with people rage quitting Ubuntu hoping it all crashed and burned.And yes, we still get letters to this day stating the like. Messing with the way people work, overhauling their personal space – you’re tinkering with people’s lives and that can certainly enrage. How much responsibility do FOSS projects have to deliver results that please (pander to, perhaps...) everyone? How much responsibility do they have to keep them up to date with leading-edge technology? To maintain backwards compatibility? I enjoy trying new things and I admit I wasn’t initially keen on the Gnome 3 desktop, but design was just one of the many revamp rationales. Another huge switch was the introduction of the GTK3 toolkit. Dropping support for the aging GTK2 was a necessary step; even the Mate desktop has had to eventually make the switch at the start of 2017. It’s about bravely embracing the new, as otherwise everything stands still and nothing progresses. So enjoy Ubuntu 17.10 with its Gnome 3 desktop. We review the new Intel Coffee Lake processor, the new Google Pixel 2 phone, the latest Linux desktops, 10Gbps Ethernet, Let’s Encrypt certificates, the new LibreOffice Calc, the new Administeria and for good measure the old BBC Basic, because some things never change. Enjoy!
Neil Mohr Editor neil.mohr@futurenet.com
Subscribe & save!
On digital and print, see p28 www.linuxformat.com
December 2017 LXF231 3
Contents
“If fascism ever came to the United States it would come wrapped in the American flag.” – Anonymous.
Reviews ii Google Pixel 2.................. 15 Can the latest Google gadget update restore our loathing for Pixel devices? We doubt it! Find out if a best-in-class camera can help save Google’s latest flagship phone.
Customise
Ubuntu 17.10
The Gnome 3 desktop has landed! We tweak, customise and hack it, and explore the new and exciting technology inside version 17.10. Page 30
The Pixel 2 has plenty of silly-named colour schemes to choose from.
Intel Core i5 8400............. 16 Big Blue is back with the new Coffee Lake processor architecture. It’s impressive and should probably be powering your next Linux PC. Find out why!
Roundup: Desktops p22
Intel Core i9 7960X.......... 17 Do you have a spare £2,000 burning a hole in your pocket? Then we’ve got just the thing for you! The Intel Skylake-X range of power-hungry, multi-core processors. Nuts.
Knoppix 8.1......................18 Years after its first release, the distro remains as fresh and reliable as ever. Take a bow, you’ve impressed Shashank Sharma, the Simon Cowell of the open source world.
Korora 26 Gnome............. 19
If you’ve never seen Finding Nemo, trying Korora is one way of discovering its characters. Shashank Sharma, however, likes it for its simplicity and usability.
Tacoma............................... 20 A desolate, post-disaster outpost, orbiting empty and unused, but enough of the Linux Format Space Tower, what about FullBright’s latest space-based walking simulator…?
Interview
Augmented reality makes Linux Format almost a tolerable place.
4 LXF231 December 2017
The engineers have kind of taken over at Microsoft now… and it’s awesome! Martin Woodward on Microsoft’s acceptance of OSS p40 www.linuxformat.com
On your FREE DVD
Ubuntu 17.10 Remix Lubuntu 17.10, Q4OS 2.4 p96 64-bit
32-bit
64-bit
Only the best distros every month
Raspberry Pi User
Subscribe & save! p28
In-depth... Build your own distro........... 46
Pi news.................................... 60
Package, customise, choose your own desktop and apps to build a distro you can call your own, all with the help of Nate Drake.
Raspberry Pi continues to educate the world. It can also help the blind to read online news and we round up the latest Jams to attend.
MotoZero.................................61 Les Pounder takes a look at an entry-level motor controller that offers four-wheel drive.
GPIO with Node-RED........... 62 Create a simple web interface to control the GPIO pins. Les Pounder shows us how.
Wi-Fi jamming........................ 64 Nate Drake offers you a way to stay safe from cyberterrorists and wardrivers by harnessing Dan McInerney’s nifty Wi-Fi jamming script.
Coding Academy
Tutorials Terminal Pipes...................................68
BBC Basic V........................... 88 Nate Drake helps readers to relive the glory days of programming BASIC while hurriedly combing over his bald patch.
John Knight takes the advice of the ancient ones of Unix to bring you the ultimate guide to pipes.
Kotlin system tools............... 92
Desktop apps LibreOffice Calc...............70
If you’ve always wanted to develop system utilities, create threads and generate random numbers in Kotlin, then you’re in luck, because Mihalis Tsoukalos is your expert guide.
Puzzling out pivot tables or building bar charts? Bobby Moss is determined to make you a cell-wrangling ninja.
Networking 10Gbps Ethernet.............. 74
Regulars at a glance News.............................. 6 Subscriptions............28 Overseas subs........... 67 Best get your Krack patched. Best get
Nothing says Chrimbo more than the Ho, ho, humbug… it’s a Linux Format
your kernel licence updated. Best get
gift of a Linux Format subscription.
subscription, just in time for Chrimbo
your Librem 5 funded. Best get your
Save money and spread joy today!
in your part of the world!
Bionic Beaver ready. Best get reading!
User groups................. 11 Les Pounder has on his Kiss-MeQuick hat, as he’s up in Blackpool.
Mailserver....................12 People hating on Ubuntu. People
HotPicks.....................49 Next month................98. Alexander Tolstoy hasn’t got time to Linux is built for speed, so we explore set up an army of Russian Twitter
the best of the lightest and fastest
bots. He’s too busy setting up the
distros to power your hardware.
best FOSS, including Storyboarder,
Borg Backup, Calibre, Gnome Commander, MConnect, Geary,
hating on printers. People hating on
Zrandr, Glances, Klavaro, BeFive
the bookshelf. We need a hug.
Smartball and ChickenPeppa.
Shashank Sharma knows his
There’s a lot of streaming noses in
Linux Format Towers and a lot of
them all a run for their money.
media streaming in LXF230.
Privacy Using OpenVPN............... 76
Nick Peers takes you by the hand and drags you down an encrypted pipe so all your data can stay private and safe.
Security SSL certificates................ 80
Sean D Conway provides a look behind the mirrors of certificate security, from the command line implementation of SSL/TLS certificates to the Let’s Encrypt system.
Sysadmin Administeria..................... 84
Roundup..................... 22 Back issues................64 desktops, which is why he’s giving
When Gigabit Ethernet isn’t fast enough it’s time to upgrade to the next-gen network standard. Tim Armstrong’s here to help.
Our subscription team is waiting to take your call.
www.techradar.com/pro
We’ve busted down Linux Format Tower’s deepest dungeon door and discovered Dr Valentine Sinitsyn lurking inside oiling the LXF server, polishing platters and doing household tasks linked to PC components.
December 2017 LXF231 5
This ISSUE: KRACK causes havoc
Behold Bionic Beavers
Librem 5 gets funded
Security
Major security flaw found in WPA2
Known as KRACK, the vulnerability in the WPA2 protocol has serious implications for both Android and Linux users, but thankfully patches are incoming.
A
serious flaw in the WPA2 security protocol, which many people use to encrypt Wi-Fi networks, was recently uncovered. If exploited then the flaw, called KRACK, would enable malicious users to access passwords, emails and other data on a compromised device or network. The security flaw is particularly alarming due to the almost ubiquitous use of WPA2 at this stage, and as the website that announced the flaw (www.krackattacks.com) pointed out, if your device supports Wi-Fi, then it’s probably affected by this flaw. In an age when even fridges can connect to a wireless network, that’s not a terribly encouraging sentence to read. A huge range of devices are vulnerable to KRACK (which stands for key reinstallation attacks), including products and software from Apple, Windows and OpenBSD. Linux and Android 6.0 or higher are particularly at risk of being compromised. The researcher who identified the flaw, Mathy Vanhoef (who can be followed on Twitter at twitter.com/ vanhoefm), produced a proof-ofconcept attack that was especially catastrophic against wpa_supplicant 2.4 (or later), a Wi-Fi client commonly used in Linux and Android 6.0 and above. The vulnerability occurs due to a quirk of the Wi-Fi standard that clears the encryption key from memory once it’s been installed. When a device joins a network it initialises a four-way handshake to
6 LXF231 December 2017
obtain a fresh encryption key, which will be installed after receiving message number three. With the key installed, it’ll encrypt using the protocol. However, the network access point will retransmit message three if it doesn’t receive a response, assuming the message had been lost or dropped. If the client receives a retransmitted message three of the four-way handshake, it’ll reinstall the cleared encryption key, turning it into an all-zero key. As Mathy states, “this makes it trivial to intercept and manipulate traffic sent by these Linux and Android devices”. The good news is that the flaw is patchable and a number of companies and projects have released updates to fix their software. This includes Ubuntu 14.04, Arch, OpenBSD, Debian, Gentoo, Windows 7 to 10, Synology, DD-WRT and Lineage OS. Android will be fixed at patch level on 6 November, with Pixel and Nexus devices getting it first, while
KRACK is a nasty vulnerability, with Linux and Android devices particularly at risk.
If having an embargo on the announcement of a vulnerability (and by addressing the vulnerability
“The good news is that the flaw is patchable and a number of companies have released updates to patch their software” iOS 11.1 should also be out with a patch by the time you read this. Speaking of OpenBSD, the developers were accused of breaking the embargo of the reveal of the KRACK vulnerability by quietly patching the vulnerability before the embargo lifted.
www.linuxformat.com
developers are accused of breaking that embargo) sounds a little odd… well, you’d be right. An OpenBSD developer shares the rationale behind them putting security before embargoes at https://lobste.rs/s/dwzplh/krack_ attacks_breaking_wpa2#c_pbhnfz.
Newsdesk Licencing
Linux kernel gets revamped licence Linux Kernel Community Enforcement moves to bolster the GPLv2 licence to prevent copyright trolling.
Photo attribution: Sebastian Oliva
F
or 26 years the Linux kernel has gone from strength to strength, with more developers, companies and users contributing, changing and using the kernel than ever before. However, a number of challenges also have also arisen, and as Greg Kroah-Hartman, a Linux kernel developer, wrote in Linux Kernel Community Enforcement Statement released in October 2017 (http://bit.ly/enf-sta), the Linux kernel’s current licence, GNU General Public License (GPL) version 2 (GPLv2), is no longer as robust as it should be. This is because ambiguities in the GPLv2 licence have been exploited for patent trolling and monetary gain – concepts that the Linux kernel was Greg Kroah-Hartman is specifically concerned with ambiguities in the GPLv2 licence. created to avoid.
This has spurred Greg and other kernel developers to announce in the statement that the Linux kernel licence will now include an additional permission, which copyright holders may voluntarily opt-in to, which changes the license of their copyrights to allow the copyright license termination provisions from the GNU General Public License version 3 (GPLv3) in some cases. This move has been broadly welcomed by the community, with the Software Freedom Conservancy releasing a statement (which you can read at https://sfconservancy.org/news/2017/ oct/16/linux-kernel-enforcement-statement/) applauding the decision. It must be stressed that this move doesn’t change the licence of the kernel – it remains GPLv2. Instead, it simply prevents copyright trolls from using the GPLv2’s immediate termination (and threat of immediate injunction), and turning apparent compliance concerns into an automatic claim for money, by adding a 30-day window for people to come into compliance. This removes that immediacy while enabling legitimate compliance concerns to be addressed. For more information, read the in-depth FAQ at http://bit.ly/enf-faqs.
Ubuntu
Canonical beavers away Ubuntu 18.04 LTS finally gets a name…
W
ith Ubuntu 17.10 “Artful Aardvark” out in the wild, attention is being directed to the upcoming Ubuntu 18.04 LTS release, and Mark Shuttleworth has announced (www.markshuttleworth.com/archives/1518) what the next version’s alliterative animal-based name will be. Brace yourselves for… Bionic Beaver. According to Shuttleworth, the beaver is an ideal animal to name this version after as, he says, “It’s builders that we celebrate – the people that build our upstream applications and packages, the people who build Ubuntu, and the people who build on Ubuntu”, hence the mascot is “a mammal known for its energetic attitude, industrious nature and engineering prowess.” Meanwhile the ‘bionic’ part of the name is a nod to “the relentless robots running Ubuntu Core.”
So, what will this bionic beaver bring (sorry)? Cloud support gets a big boost with improvements to OpenStack and Hadoop on Ubuntu, while the default Gnome desktop is accompanied by KDE and MATE alternatives, with Unity 7 being updated with the newest X and kernel graphics. Meanwhile the latest version, 17.10, is the first release since 2010 not to use Unity as the default desktop, following on from the project being shuttered earlier in 2017. The eWeek website has an excellent video with Mark Shuttleworth (http://bit.ly/canonicalunity), where he says he never wants to go through a process of ending a project like that again. However, the move has put Canonical on course for an initial public offering. Will that move be worth it? Time will tell.…
www.techradar.com/pro
Comment
Paint over the Kracks Keith Edmunds So what did you make of KRACK? Was it an OMG moment, a bit of a worry or a meh moment? Or maybe you haven’t heard? In which case, stop reading now and read through this month’s lead news story over there on the left. I’ll be right here, waiting for you to finish... Okay, so the truth is that it’s not the first security vulnerability to stick its head over the parapet, and it won’t be the last. Remember, WPA2 is only a way of encrypting data between the WiFi device and the access point: nothing stops you encrypting the data sent over WiFi. And maybe you’ll have to: in reality, most of the devices affected by KRACK will never be patched. So what can you do? Use secure protocols wherever possible. There’s no excuse for running websites without a TLS certificate now that Let’s Encrypt enables you to get and maintain as many as you could reasonable need for free. If you’re running your own mail server, you can use Let’s Encrypt certificates for SMTPS and IMAPS, too. You might need to do a bit of Googling if you don’t know how to do that, but that way you take full responsibility for your security. As IOT spreads, security vulnerabilities outside of your control will continue to grow. Now is a good time to decide: No More Clear Text. Keith is the managing director at Tiger Computing Ltd (www.tiger-computing.co.uk).
December 2017 LXF231 7
Newsdesk Comment
Strength to strength
Mobile
Purism gets over $2m to make Librem 5 Funding goal for the Linux-based phone is smashed!
Jim Zemlin The results of the 2017 Linux Kernel Development Report, which analyses the work done by 15,600 developers over more than a decade, are in – and Linux is growing faster than ever. The average number of changes accepted into the kernel per hour is 8.5, a significant increase from the 7.8 changes in last year’s report, translating to 204 changes every day. The 4.9 and 4.12 development cycles featured the highest patch rates ever seen in the history of the kernel project. Since the last report, over 4,300 developers from more than 500 companies have contributed to the kernel, with 1,670 of these developers contributed for the first time, comprising about a third of contributors. Also of interest is the number of unpaid developers may be stabilising, with these developers contributing 8.2 per cent of contributions, a slight increase from 7.7 per cent in last year’s report. This is still significantly down from the 11.8 per cent reported in 2014, likely due to kernel developers being in short supply, leading those who demonstrate the ability to submit quality patches to not have trouble finding job offers. To download the full report, visit www.linuxfoundation. org/2017-linuxkernel-reportlanding-page. Jim is the executive director at The Linux Foundation (www.linuxfoundation.org).
8 LXF231 December 2017
W
e’ve been keenly following the progress of Purism’s crowdfunding efforts for the Librem 5 Linux-based smartphone, so we’re pleased to see that it managed to beat its goal by some margin. The funding goal was a still ambitious $1,500,000, but in the end the team was able to raise an incredible $2,146,495. This shows how much appetite there is for a smartphone running open source software, with a ‘standards-based freedom-oriented’ operating system based on Debian. Now that the Librem 5 has been funded, Purism will start building and shipping the handsets to backers. If you’ve missed out on the fundraising part, don’t worry, as you can still order the device from https://puri.sm/shop/librem-5, and you’ll be added to the shipping queue. The phone costs $599 and includes free worldwide shipping, and has an estimated delivery of January 2019 – and that’s after all the backers get their handsets first.
The Librem 5 has been fully funded. Whoop!
Laptops
Closed smartphones
DIY laptop
Linux on Galaxy
MNT Reform enables you to build your own laptop.
S
o, you crave as much control, freedom and hackability with your hardware as you do with your software? Then you may be interested in the MNT Reform, a laptop built with open source hardware that can be swapped out and replaced by users. The first modular design will come with a chassis, exchangeable keyboard, LiPO batteries and more. Lukas Hartmann, the creator, wants to make the Reform available to the public soon. Learn more at http://mntmn.com/ reform, and people interested in the idea are urged to contact Hartmann with their thoughts.
www.linuxformat.com
Fancy installing Linux on your Samsung smartphone?
W
hile Canonical has ditched its convergence dream of having Ubuntu run on smartphones, it appears Samsung has taken up the mantel by enabling owners of its Galaxy S8, S8+ and Note 8 smartphones to install a full desktop version of Linux when used with its DeX docking system. Installed as an app, Linux on Galaxy could be the answer to running a full desktop version of Linux from a pocketable smartphone device. It’s still a work-in-progress, but the potential here is huge, with the DeX dock enabling the smartphone to be attached to a monitor, keyboard and mouse. As the Samsung press release announcing Linux on Galaxy (http://bit.ly/samsung-linux) states: “whenever they need to use a function that is not available on the smartphone OS, users can simply switch to the app and run any program they need to in a Linux OS environment.” Linux on Galaxy is still in its early stages, but if you want to know when an early version is available to test, sign up at http://seap.samsung. com/linux-on-galaxy. It sounds promising – it’s just a shame you need a very expensive phone…
Newsdesk Comment
Distro watch
Cars talk open source
What’s behind the free software sofa?
Guy Lunardi
CAINE 9.0 As the name suggests (it stands for Computer Aided INvestigative Environment), this is a distro that offers TITLE various tools for digital forensics, with tools easily added as software modules and presented in a user-friendly interface. It’s based on Ubuntu, and version 9.0 brings Nirsoft suite with launcher, WinAudit, MWSnap, Arsenal image mounter, FTK Imager and many other tools. Check out the project’s news page at www.caine-live.net/ page6/files/category-release.html for more information and instructions on how to download and install it
CAINE 9.0 brings new tools and a complete forensic environment.
antiX 17 This lightweight operating system is based on Debian 9.2 and its developers have now dropped systemd, choosing instead to use SysV init. It supports both 32- and 64-bit processors, features four windows managers, a full LibreOffice suite, a customised 4.10.5 kernel with fbcondecor splash and lots more. Designed for older computers, it only needs 256MB of RAM and can run from either a live CD or USB stick. For the full release announcement, head over to https://antixlinux.com/antix-17-released.
antiX is a great distro for old hardware with aging components.
ArchLabs 2017.10 Based on Arch Linux, and using the Openbox window manager, this 64-bit distribution now uses a long-term support kernel. The release announcement (which you can read at https://archlabsblog.wordpress. com/2017/10/24/archlabs-2017-10-release) states this will bring greater stability to the distro, mainly due to the fact that there won’t be as many updates and changes made to the LTS kernel. ArchLabs specific packages have also be repackaged and signed with the project’s own GPG signatures and added to the ArchLabs repository.
ArchLabs comes as a Live DVD, so you can try it out before you install.
Lubuntu 17.10 This lightweight Ubuntu-based distro gets its own taste of ‘Artful Aardvark’, and is supported until July 2018. The 13th release of Lubuntu brings the Linux kernel 4.13, along with general bug fixes, as well as continuing to lay the foundation for the future switch to LXQt. If you want to try out Lubuntu with the LXQt desktop, you can also download the ‘Next’ version, which is an experiment build of Lubuntu, although, of course, you try at your own risk. For more information, visit the release announcement at http://lubuntu.me/artful-released.
Lubuntu’s LXDE can happily run on older computers.
www.techradar.com/pro
Modern vehicles are loaded with sensors that report values constantly. These range from the simple, and often rarely changing such as door sensors, to the speedometer and GPS sub-system that broadcast all the time. On-board computers have to analyse and react to these signals in isolation with limited context awareness. Each time a value changes, a signal is emitted on one or more of the data buses. We can do better. Collabora assisted in creating a fully open source vehicle signal manager (VSM) that offers to process incoming signals, evaluates them against a set of precompiled rules and hopefully re-emits the right signals to the right processes. This helps centralise the signal processing, accelerate the software development environment and greatly improve testing capabilities. VSM has been contributed as a GENIVI open source automotive project and is available on GitHub. VSM is in prototype form and used in python implementation. As the interest in consolidating communication protocols grows in the car industry, we hope that the industry as a whole makes the right decisions. Open standards and free open source software is the way to go (as always). Guy is the vice-president of business development at Collabora Ltd (www.collabora.com).
December 2017 LXF231 9
PU T A PAUSE IN YOUR DAY With so many demands from work, home and family, there never seem to be enough hours in the day for you. Why not press pause once in a while, curl up with your favourite magazine and put a little oasis of â&#x20AC;&#x2DC;youâ&#x20AC;&#x2122; in your day.
To find out more about Press Pause, visit;
pauseyourday.co.uk
Linux user groups
United Linux!
The intrepid Les Pounder brings you the latest community and LUG news.
Find and join a LUG Alpinux, le LUG de Savoie Meet on the first and third Thursday of the month at the Maison des Associations de Chambéry www.alpinux.org
Build Brighton Thursday evenings is open night. www.buildbrighton.com Sandbox Sandbox Digital 5 Brasenose Road, Liverpool. Open maker night is Tuesday 6-9pm. Kids clubs are Monday (6-8yrs) and Wednesday (8-12yrs). www.sandboxdigital.co.uk Leeds Hackspace Open night every Tuesday 7pm-late, Open day is the second Saturday of the month, 11am-4pm www.leedshackspace.org.uk
Hull Raspberry Jam Malet Lambert School, Hull, running every other month. www.twitter.com/hullraspjam
rLab Reading Hackspace Unit C1, Weldale S, Reading, Open Sessions Wednesday from 7pm www.rlab.org.uk Huddersfield Raspberry Jam Meet every month at Huddersfield Library, typically the fourth Saturday of each month. www.huddersfieldraspberryjam.co.uk
Medway Makers 12 Dunlin Drive, St Mary’s Island, Chatham ME2 3JE www.medwaymakers.com
Cornwall Tech Jam Second Saturday of the month alternating between Bodmin and Camborne www.cornwalltechjam.uk
Makerspaces Collective knowledge gets puts into practice
J
ust around the time we write this and interestingly, all of the skills needed (27 October 2017), Blackpool to build this rig aren’t known by one Makerspace is preparing to throw person. Rather, a team of people who open its doors to the public for the each come to the Makerspace to share Crafts Council Make:Shift:Do event and learn are helping each other and (www.craftscouncil.org.uk/what-weinventing their own version of this do/makeshiftdo). This annual event expensive piece of kit. challenges a space to take part in a This is what makers do: they solve national programme, but each space is problems, they help and they share. free to suggest its own session ideas These traits are also present in the Linux and these are listed on the Crafts community: we spot a problem and we Council website. fix it, we share the knowledge on how to This year will see Blackpool fix it and this is passed into the Makerspace taking part for the third community who then help each other. time. It’s tackling 3D photography with Long may this continue, and Linux a view to 3D printing the output. To take Format is proud to be part of such a the pictures the team are building a great community. LXF camera rig using multiple Raspberry Pis and an Arduino that will control the rotation of the object in the rig. All of the photos are then sent to a central powerful computer where they’re stitched into a 3D object, which can then be converted to an STL file ready for printing. All of the kit in the rig will be running Linux (Blackpool Makerspaces contain vast amounts of knowledge that can be passed on to the next generation. Makerspace is also a LUG)
Community events news
Makerfaire UK 2018 Taking place at the Life Centre Newcastle on April 28 and 29, the two-day event covers the diversity of what being a maker is. This event is family friendly so take the kids, your nan and
grandad and explore woodworking, soldering, electronics, robotics, rocketry and so much more. Keep an eye on its website for more information, which will include the programme of events and early access to tickets. www.makerfaireuk.com Linux.Conf.Au Sydney, Australia plays host to Linux Conf Au from 22 to 26 January. It’s the largest Linux conference in the Asia-Pacific
region, and attracts delegates from across the region: around 800 users, from hobbyists to professional users. Tickets are now on sale for this non-profit event, which is run by volunteers in the Linux community. You can read more about this event and purchase tickets via its website. www.linux.conf.au Red Hat Summit San Francisco, California is where you will find Red Hat Summit, running from 8 to 10 May. Here,
www.techradar.com/pro
you’ll learn more about cloud computing, virtualisation and other topics for system administrators. The event is a mix of talks, workshops, stalls and of course “the corridor track” where everyone shares knowledge and contact details. Events of this size are best appreciated over a few days, giving you time to enjoy the social aspect of the event. See the website for more details. www.redhat.com/en/ summit/2018
December 2017 LXF231 11
Mailserver
Write to us at Linux Format, Future Publishing, Quay House, The Ambury, Bath BA1 1UA or lxf.letters@futurenet.com.
HATE HATE HATE HATE (deep breath) HATE HATE HATE HATE!
Hate without end
Neil says: It’s just an operating system! The irony is Linux Mint is based on Ubuntu and some might say they find the old-school desktop of Linux Mint too clumsy. It’s horses for courses. We’d certainly like to hear what you think of the new Gnome desktop – we’re sure you hate that, too!
I’ve now got Bleached bits After installing Ubuntu 15.04 at a friend’s house and doing some tweaking, I finished off by installing and configuring BleachBit and ran it as a final farewell. Upon reboot I was greeted with a ghostly image of two middle-aged overweight bald blokes. It turned out to be our reflection on a black screen and
Cleaning stuff has never been so easy or deadly (for germs).
shane_collinge@yahoo.com
From the first I’ve hated Ubuntu with a passion. I’m a very simple bear and no expert. I want to communicate with my computer as if it were running Windows XP. It’s simple for those of us who don’t want the bother of memorising key strokes, instead of following a simple menu. I like to be able to right-click on my desktop and create a shortcut or a text file. (Why does this raise Mr Shuttleworth’s hackles?) Each time you hype a new version of Ubuntu I try it and discover that it doesn’t want to help. It gets in the way. Every time I go back to relax into the comforting haven of Mint. It’s easy to use, I don’t have to change my way of working to suit it. It accommodates me. There might be a hint there. John King, Grimsby
not even a blinking cursor. Even Windows gives you an error code. MEOW!!! Clearly I was the better looking one but felt like a fool as i had no idea how to fix this. Could you please do a section on understanding log files and knowing what to look for when problems occur with some realworld examples. Andy Greenhalgh, via email Neil says: How do you know it was BleachBit that caused the issue, because you mentioned other tweaks? An entirely blank screen would be pretty hard to achieve. The BIOS, the bootloader, Grub… even the Kernel would usually throw something up on the screen. Remember Linux isn’t Windows, so you don’t really need to be running BleachBit to clear out the rubbish. However, a sudo apt-get autoremove now and again doesn’t hurt.
12 LXF231 December 2017
www.linuxformat.com
Open source is more a bazaar than a cathedral, read the book on the DVD and find out why!
Dusty books I’m a long-term Linux Format reader and have a suggestion… namely, your Bookshelf section of the DVD, where Linux and Linux Format promote opensource, which I think is very good. But I noticed your DVD Bookshelf doesn’t change much. That is, it seems very static. Making your Bookshelf more active could be good in several ways: it’d better promote open source and help introduce real basics to your Linux content. How about if you change your Bookshelf section so that for three months of the year, it’s as I see it now. But then for the next three months, it’s full of annotated pointers to computer science resources? So over the year your Bookshelf section would cycle through these topics, with updates, for the next year. It would certainly reduce the sameness from your present policy. Martha Adams, via email
SPECIALS & GUIDES
myfavouritemagazines has over 100 one-off guides and specials which celebrate your favourite subjects. There’s something for everyone treat yourself or give gift.
DELIVERY INCLUDED
https://www.myfavouritemagazines.co.uk/guides
Or call now – UK: 0344 848 2852 Overseas: +44 344 848 2852 MyFavouriteMagazines is the official magazine subscription store of Future. You can save up to 74% on a huge range of popular magazine titles. Every magazine subscription will be delivered direct to your door, and includes free UK delivery; guaranteeing you don’t miss a copy of your favourite magazine.