JavaScript Python, Perl - which is right for you? ENCRYPT EVERYTHING The complete guide to keeping your data private — no matter who's looking OPERATION Build a practice cadaver forhome 4 surgery fun THE SNOOPER'S CHARTER Why it’s an utterly rubbish idea JOIN US NOW LESLIE HAWTHORN On community, human nature, leadership and the importance of failing properly FIAT LUX PHILIPS HUE Control the lighting in your hollowed-out volcano base with Linux and Python @2c-hSO2 NSSTAn adventure story for young minds — featuring pirates, robots and computer programming. ee Dan prs POSSEISSUE 24 TWO YEARS OF AWESOME The March issue in L 24 Most of us doit have the time to go through bureaveratic edicts to check thes sanity. Bt thisis what Beis dane with the UK ‘Snoopers’ Chater’ and the inepttude he's found is tagging p28 Afree software advocate ‘and writer since the late 1990s, Graham is alansed atin the peo tT DE contrutr and author automating my bare, our tutorial ofthe Meeq MIDI step ae enconzoling Pips Hue sequencer lightbulbs with Linux comes at exactly the right time. Forget [pis is our 24th issue. That meansit’s been two years since Nef and chil - UND and chil! we launched, exactly as promised, aftera successful peo Crowdfunding campaign. Its a clche and too often repeated, but we couldnt have done tis without you. Without you backing we ‘Simply would be here. know of no other magazine, anywhere, that has been able to do ths, let alone one that gives old issues away for free (even for commercial use!) and shares in any profits “These are ideas that run totally against traditional publishing wisdom, and once again it the Free Software, Linux and open source communities that have made the impossible possible. Its you that has made this possible. So, thank you. Allof us here at Linux Voice are incredibly grateful loved playing the board game ‘Operation’ when | was alad and its gteat to see our om DN Operation game is way better than the modern version ofthe same game, Upgrades! pr Graham Morrison Editor, Linux Voice (ps we're attempting to crowefund a book that will teach children programming via pirates and robots ~ see our advert on the left Linux Voice is different Linux Voice is special. Here's why. WAtthe end of each franca year wel ve 50% of cur pots oa selection of crgansations that support fee seltware decided by 2 vote among our reades (that you). ean {No ater than ne months afte fist pubtcation we wil license al of ow ‘content under the Creative Common (OCBY-SA licence, so that ld content ‘an sill be useful nd can ve on even after the magazin has come oft Were small company so we dor haves board of crectorsor a bunch of sSatbder inthe City of London to keep happy. The only people that matter tousare the eades, ‘wor linuxvoice.com 3UNCON ISSEY ISSUE 24 MARCH 2016 Ae "=Contents Welcome to the 24th issue of Linux Voice. Blimey, two years eh? News 06 The PlayStation 4 has been hacked to run Ling, the Dutch government has donated €500,000 to Opensst, and Apple has open sourced its Swift language. Distrohopn 08 Feat ment in Linux distros ~ Solus 1.0, You'e going ta hear a lot more about this new Linux favour ‘Speak your brains 0 Is Microsoft stl the enemy? Should your fridge watch your waistline for you? And ‘what's Zen for Slackware? ENCRYPT SKeopgevenanrecsen | EWERYTHING Your door and get aocess to 24 issues of Linx Voice in lovely DRM-reePOFs. pee sq Keep the man out of your personal emails and off your hard drive with our Wild picks, purse seined off the cold in-depth guide to data encryption. Information wants to be private! Icelandic waters, battered and served with Mats Pipe chips, Fresh, and also Free. | Interview | | Feature | Core Tech 4 DNS ismare than ust the addressing system that tells the intemet where you are it's the key to understanding what's ging on in cyberspace Geek Desktop 98 Andrew Gregory, permanent neti of the Linux Voice team, shows of his repro mahogany fui. Leslie Hawthorn Desktop showcase Feil properly then get up and cary on ‘awesome again. Cheers Leslie! SUBSCRIBE Send us your bestooking Linux desktops, so we can coal ‘over them ~ and print them inthe macazine FAQ err eis cop 32. Software licences so i's got a rubbish, un-Googleable If you're ready to set your code ame bu this $3 computers rei the wi, hnk about what absolutly warth knowing about cence youre going to use Lurembourgesise WW6s p12 vwutinuxvoice.com eerInside the Snoopers’ Charter Wiy the UK Governments plans to spy on its subjects is misguided, muddled and mad ISSUE 24 MARCH 2016 chines by transiting entire hard dhives over anetwork, Squid 6 Control your meb trafic using a proxy server to save on precious bandwidth, Ardour 4.6 ‘The leading digital aucio workstation for Ling has several new features, plains and other improvements to help you unleash your ier Viscontionserd Rogers/Stock/Aitken/ Waterman, Tails 2.0 43° Wine 18 Ifyou want privacy the easy way, Remember, Wines not an here’ the Tor network wit all the emulator It just smells, looks and hard work dane for you tastes very much like one. 44 Nodemcu Books Make your users awesome by going beyond legacy code and reacting to Java, Or something lke that ~ youl never know unless you tun to pa, Gaming on Linux 6 Tur off your mind, relax and float downstream. Or kl things, shoot big guns and put loads of salt on the popcorn to sell more soft drinks, wwuilinuxvoice.com Single board computing with bultin Wii for only $5? Shut wp and TAKE MY MONEY! Raspberry i n Bing comouting into the physical world with some tin fol and a cardboard box. MariaD8 16 Data, data everywhere, and you can contol itall wit @ powestul open source database Philips Hue 80 conte the lights in your smart dveling with Python and these hackabie bulbs, sed a Mare than just a text processing language infact, we've turned itintoa web serve Scripting languages 88 Python, JavaSeriot and Perl ~theins, the ‘outs, andthe what that squiggle doings?ANALYSIS NEWSANALYSIS The Linux Voice view on what's going on in the world of Free Software. opinion Remembering lan Without lan Murdock, Linux would be nowhere near the success story it is today. sa) Sinon Phipps isexpresident ofthe ‘pen Sourelniative and board member ofthe Open Rights ‘Group and of Open Sours for Ameria long with my former colleagues at ‘Sun Microsystems, | was horrified atthe start ofthe year to hear ofthe ath of lan Murdock, There have been plenty of other cornments written about him, so you willbe aware of his work establishing Debian, and maybe of his own company (Progeny) and his work at what would become the Linux Foundation, While youll remember lan as the spirit and narne the Debian projec, | got to know him in 2004 when he joined Sun Microsystems Iwas the head of open source activties at Sun, while lan was hired itl later ta head up the transformation of Solaris into an open source operating system Linux for the people The outcomes from each of our jobs are stories for another time, but | was struck by the quiet force lan brought to is role. Amid ‘a good deal of scepticism and hostility — after ll tans creation was a driving force behind the demise of Solaris ~ lan was. toshape the work that the OpenSolaris team was doing, driving them in directions far more likey 1 resultin communi ‘engagement than the instincts and directions oftheir previous management. He showed determination and vision, and used his experience atthe convergence point af business and technology to talkround both the engineering genius and the pointy headed boss, The key vector from Debian that was introduced to OpenSolaris was the need for the software to be delivered in the form of installable packages from an open repository rather than the previous vision of atightly-controled single source for componentry ‘The importance of packages That vision of an operating system but from packages with ther dependencies automaticaly resolved and with the egal and social issues related to each element We take it for granted today that we can simply add a package to our operating system with a single command ‘wor linuxvoice.com debian discussed and addresoa key legacy lan leaves us. We take it for granted today that we can simply adda package to our operating system with a single command and without destroying the system or spending the rest of the day resolving dependencies and incompatibiities, and we are extencing that ‘concept further into containers and cloud deployment. But when an started his Linux istibution, that was not the received wisdom, and credit him with proving it was crucial and showing how to lead a ‘tomake itreal ‘More than that, lan was also a great friend tomany of us. While his history with Linux ‘may have aroused suspicions in the team at traditionally proprietary software vendor, we all quickly realised that lan was.a warm, kind and complex person who we enjoyed ng with Tolase him so earyis have the greatest respect for legacy, what | wil missin the future is the ‘opportunity for his friendship. inadvance istheLG STi ea ANALYSIS. TRE ETUC OU CLs CATCHU Summarised: the biggest news stories from the last month Linux kernel 4.4 released Toringin thenew year we have a shiny new kernel release. Linus Torvalds announced kernel 44.0n 10 January 2016 with boatload of new features: support for direct /0 and asynchronous V0 inthe loop block device, 3 support inthe vitual GPU drive for harcware accelerated graphics in virtualisation ‘guests), support for open-channel ‘SSDs, and many improvements in drivers, filesystems and memory ‘management. See here for details: btp://kemeinewbies.org/Linux 4.4 Dutch government ‘supports encryption Ata time when many governments are eager to sneak backdoors into encryption software, ostensibly 'o protect us’ the Dutch are taking a diferent approach. The powers that be there have stated that ‘tis courrenty not appropriate o adopt strictive egal development, availabilty and use of encryption within the Netherlands". And that, the goverment has 10.000 grant to the OpenSSL project. Mozilla stops working on WME Firefox OS smartphones This isnt enteely surprising news, given how uttery dominant i0S and Android arein the mobi space, butitsa shame nonetheless. The Mozila Foundation has announced that til stop developing and seling smartphones with Fefox 0S, leaving the fledging platform a possible future con smart TVs and other devices, Which poses the question: s there room the smartphone market for another 0S? Can anyone else break the duopoly that {0S and Android enjoy? Debian Founder lan Murdock passes away dust after Christmas 2015, tan Murdock, founder of the Debian GNU/Linux cistrbution dedin San Francisco at the age of 42, The cause of mare of a "Restaurant of the Day’ Belly Rubs As A ae and over the course of the week Lego-sorting Lego-botandallthe hatte tothe local brewery, Service, cay to packing for mult-dey ‘Simon which was always prepared Below right: A delegates mostly elected to simply adventures with ess than Skgof _toslake thetthstofthedelegateshexacopter on display - hang out atthe hall to chat, play equipment. There were 2 This meant the in-hall bar proved assemblebefore use. games and (of course) do their very best to dain Simon Wanderung The inal componentin this tip are the walks and other outdoors activites. This year tookin the stung scenery around Lac Haute Sire, as wel a the historic towns of Esch-sur-Sie and Bastogne Tne 2016 LAW willoeheldin Laxey ole of Man fom 20 Ju August See you there! aa 2 wwuilinuxvoice.comcom Uae aa a Le] OR ce) aL Le) MIT's SIPB invite you to "Fork the System" ference for everyone who loves free software Organized around the theme "Fork the + Hackers 2a System," we'll examine how free software aon cal Her peireciarseninisaeorcanenes | | EHTS users, allows developers to fight the + Beginners restrictions of a system dominated by + Users proprietary software, and is the foundation + Wri of a philosophy of freedom, sharing, and St change. + Artists March 19 & 20 at MIT. Students and FSF members attend gratis. libreplanet.org/conferenceENCRYPT EVERYTHING ENCRYPT EVERYTHING Keep your data secure, safe and private, with a little help from Linux and Graham Morrison. a when soft sna data vulnerability the the encryptionis. ysitis. Without apen ‘ill smplexty diminish pr your data locked wh its developer nthe dat But open s ce, banking, encryation and digital me technology terminology a al for almost everything tury Witheut encryption, we “4 wwuilinuxvoice.comENCRYPT EVERYTHING KEY CONCEPTS Never again get your private keys muddled with your public keys. hereareacousleofreasons fortheaura of complexity that "tt teene noe hangs over encryption. The first ae is that the complicated maths behind encryption, But une the complex ‘management systems that control your ar, for example in encryption those systems arent always hidden, exposing the user to ideas and concepts that aren't necessary for its use, ‘Another reason for this complexity is the dficulty n creating a system that effectively hides these parts while ‘maintaining trust. Without trust, there's ‘no encryption. So, until same clever startup solves the problem of ereating ‘easy encryption that everyone can trust without requiring any specific knowledge, i's worth taking a litle time to understand some of the key ccancepts behind encryption, and how you can make it work for you Encryption in three terms Encryption This is the idea that you can encode someting such thatitcan only be decoded by someonehalding a specie decodingkey, an idea that has been around for thousands of years. ‘This is the art of cryptography, practised by eveyone from the ancent Egyptians to the Third Reich, Butits the mathematical prowess oF computers that have defines the It was Whitfield Diffie and Martin Hellman hugely influential 1976 paper on key exchange that led to the proliferation of asymmetric encryption algorithms. between two types: asymmetric and symmetric. Asymmetric algorithms are perhaps better known, thanks mostly to SSH and GnuPG/OpenPG, “These use what's known as a private/ public key system implemented by the DSA algorithm, although this can bbe changed. The most important characteristic ofthis algorithms that ‘one key can't be derved from the other, ‘and because the private and public Asymmetric algorithms allow data to be decrypted with a key that's different to the key used to encrypt the data modem era of cyptography, replacing initiate hteroglyphies or positional rotors vith @ complex series of substitution and permutation processes (depending (on the algorithm) that aim tomake the translation of values fram ‘plaintext to ‘ciphertext’ and back to ‘plaintext’ as Composing panel Signed messages wil gow green if you've got the correspondents public key in your GnuPG configuration, yellow if not and you can use the Sign and Encrypt toolbar buttons to sign or encrypt your own emails. When signing cr encrypting, youl be prompted to enter your key's passphrase before the message is sent to your contact. Encryption add-ons if your email cients Morills Thunderbird youl first need to install the Enigma addon via the Settings > ‘Addons menu. With isinstalled anda 0 ‘As we've mentioned, one ofthe problems with public ey is being certain the copy you olds the definitive key ofthe contact you wan toenail Meeting up or speaking via Skype is only rely viable for contacts youhavea relatively cose relationship with. hich means there's areal problem if you want o send @ message encrypted withthe public ey of someone fdse you want to mal or ifyouve received a signed ell fom them and watt verify te veracity of your ene, Oe elton called ay ever, a emple You can even use Keybase to generate key airs and encrypt stuff, but wed still recommend keeping your private key decryption local restart ofthe client, youll be presented with the Enigmall Setup Ward. Choose the Standard configuration and, thanks tothe magic of open standards, the rex step should automatically detect your default key ait Select this and Thunderbird is now configured ‘When you go back tothe inbox view youl now have the option to encrypt Orsign your ovn emails from the ‘wwrwlinuxvoice.com repository of public keys linked to email adresses ‘an names. You can publish your own to kayserver ect rom GnuPGis GPA tol and most Gul cents, azwall as download the public keys of contacts But hey servers dont solve the fundamental ust _roblem: you cai be sure the person who uploaded the ey ithe person you thik hey are. This, here Keybase htps:eybase in) comes i. tsa key server that works by inking pubic key to their respective online persona. fou fllow someone ‘on Rei, Titer and GitHub, an ther accounts ae linked va Keybase you canbe almost certain that those keys ae forthe correct person. There's even a keybase commandline toc for etactng keys and sending messages = al ou need to impor those ‘ey into your system and use them yoursel. ding yoursal to Keybace i almost a smal (although its curently Private Bet) You ink your Keybase account to your various networks by posting a Keybase generated proof to those channels. Thisis validated automata and your credentials ar aed to your account Thefinalimportnt ingredient works a tle like social network: People who tst your acount link theiridentity to yours bung an allnew peeto- eer wob of rust out of he humble GruPS. atps:heybase io \Wite Message toolbar, and encrypted messages you receve willbe decrypted ‘automatically, just ike with KMai, Both aops wil attempt to download 2 public key froma key server i'you dont have someone's public key in ‘your configuration. This is convenient if ‘you need toreada message, but cant as trusted asa key youve exchanged ‘yourself or through some other method 17ENCRYPT EVERYTHING SECURING YOUR DATA Even if you're not sending files across the internet, it's worth keeping your data safe. here are many tools created I spectcaly for enypting your deta, and one ofthe best things you should dois take advantage of your dstrbuton instar to encrypt your home folder/parttion. Ubuntu in partioular has a great system for encrypting your home folder using Crypts (see next page). That way, if you ever lose your laptop, your dota wil remain secure. Buti’ also reasonable totake@ more aehoc approach, only encrypting those files or folders you want io keep secure. That way those files are easier to back up, cony or transfer. As youve now invested lots of menial energy in understanding how There should be no pattems or discernible information in encrypted data, should GnuPG works, thsi probably the ‘appear as random asthe output from /dev/urandom, as shown here. sills Seessresar ante tnypin a 8 GnuPG can use the same public and is whetheryounged to compress your file manager. This simple utility lets Sy Piteleystosgn or erent fies ast fst. Properly encrypted data ‘you add unencrypted files using a does email. But equally theres nothing should lookno different toarandom simple requester, anda buttonin at Jo" stopping you cresting separate key streamof data. But fle compression _the toobarlets you use your GnuPG SHALE axtomcrermiraviiis "" aywonsuteitensauienen Inctocede one eam $ although you will lose the ability to sign which makes post-encryption saved automatically with the gpg flesyoumay wantother people to compression swastect te, Forthat_ecenson, wile decrypt fe authenticate reason youlreedto bor bp2your inthesameway. Andis beng ieaso pose tocrentesubteysflesandfoierstforeenayping GnuPG, anyone lea to work offyourmankey wiegaubteystor them or ueyour fae Ulta withthesae les regards ote iron puposteoedeveesnhox Encypthgte lessens especialy —appleaton or tty. he/ve got he losagtheotgilauhentsty Teonly now weveateady retedapor preeisteprveteorpubickeys ts specelomsdeatonjoushoudmake cflayeandtheGPstod ncudese agra wayof backing impor files, fr example but t does make itrmore vital that you remember the passphrase to your key this lost, there's no way of decrypting your privately encrypted files. To sohe thi, ‘ensure your encrypted key is saved in several places. Dueto te strength ‘ofthe encryption some people even leave these plain sight such as synchronised other public GitHub ‘accounts, but clous-based ema is ‘another good option, Encrypt your home folder Taking file encryption a step futher, you might want to consider encrypting your home folder, decrypting it ive as you login, This is what Ubuntu does when you enable the aforementioned installationsie encryption Its obvous advantage over perf or per folder encryption is that you dont haveto think about what you need to 18 ‘wor linuxvoice.comkeep secure: everything is secure If your laptop is off, your datais inaccessible without your passphrase, whichis usually configuredito be your login password, However you stil need ‘tomake sure temporary files or caches used by your system are ithe saved to your home folder or deleted on ‘shutdown, Youalso need to make sure you enable swap partition encryption, as the swap file contains data shuffled in and out of your system memory. We've been using an SSD laptop without a swap partition for a couple of years without issue, which does sidestep this problem, your system starts, making itmuch easier io manage and copy encrypted data. Before mounting, the encrypted data can be found ina users Private folder, but after mounting, your home {older wil lok just as it should John the Revelator Choose a user whose home folder you want to encrypt were going with John), ‘and without the user being loagedin, check tomake sure theyveno processes running. You can do this by ‘yping ps john John should aso ‘make sure ther password is tough yet ‘memorable as this willbe used as the If your laptop is off, your data is inaccessible without your passphrase, which is usually your login password ‘The tool we're going to useis the ‘aforementioned eCryptfs. Ubuntu configuration is easy, thanks to Canonicats developers. But those easy ‘scripts for creating and managing Crypts have been migrated to most ‘ther cistrbutions too, sits almost ‘as easy on Fedora andeven Arch. Just ‘search for and instal the eeryptfs-utils package, which shoul also ask for rsync and Isof to help with locating a user's open files. eCryptfs itself is part of the kernel and the module needs to be loaded before you can stat (sudo ‘modprobe ecryptts}, although this willbe done automatically after you've created an eneiyoted folder It also important to note that Crypts sits on top ofthe filesystem its not formatting your data atthe block level. Its mounted using FUSE after passphrase to encrypt their data Depending onthe size ofthat users home folder = you can check by typing duh fhomefjobn = tray be quicker and easier to move out the majorty of that users data. The fist stage of encryption willbe far quick, and the user can then move the data back as they need it. There's no point encrypting 2 downlad folder fullof 50s for example. You can now instantiate the migration process witha single command suid eryptfs-migrate-home john You be asked for John's gin password before the encryption proves kicks of. When its fished, ted output wilnform you ofthe next step. and if you check, youl se the Contents of Johns home folder has now disappeared, Dot wory though Soe Tern nee 1. Ty ie enrptian aes tty capac cash, Pome [Sainte mma, mre me okay ‘Somat ne memtton 2.1 fm con og nan cua dat tar es, then the gration Ss cm Thanks to some excellent eCrypts utility scripts, encrypting any folder is an easy task. ‘wor linuxvoice.com ENCRYPT EVERYTHING it's hidden inthe fhome folder for ‘now justin case something has gone ‘wrong, John should og in and type ‘ecryptfs-mount-private to mount the decrypted folder and checkit contains the expected fies. Follow this with cecryptfs-unwrap-passphrase t0roveo! the master key in the encryption. Keep anote ofthis, ast will be required if you need to access the data outside ofthe login account environment, perhaps using GnuPG tokeep it safe and stored somewhere else. Finally, when youre happy that the configuration is working remove the hidden some folder wath the unencrypted versions and rebootENCRYPT EVERYTHING currome neti ostys Yerevan piers ya ete androt wry och ta Wom ates end ur esepry inal sosthngs better saiseutessuenan yor dhposes trop hatrewal oon oye tyolumup re netg honour chee beeteadng home tt ta aula es feet apace her npatetiosae ad tatetcbre wean acoedinte naar tpn ots pots fompourrestie barren doesent what Sidon 8 iu cert Tetum preted from the wilds of the internet by crenpion wth ios ethene the une onypin nd Stn tec trtaromsen ard won atv. Anning ce ate da intcnestcasnernctandan Disord oes they wortcen bese honour vag hm hsarebeemginsety part bene ee tet Sipchon chorea nea lean onerous net Secure your connection with the magic of OpenVPN. ‘oraocess machines behind afrewal. \When youre connected to @ VPN, your local connection behaves exactly as fit were physically relocated tothe remate location, accessing those boxes and services without further configuration. If you access your BrewPi at home with the IP address 192 168.1.177, youll use the same IP address if you use a VPN, toaccess your home network froma remote location. Connecting to a VPN Its highly Ikely youve already used a VPN for work, as they enable remote The vast majority o: OpenVPN, an open ‘The vast majority of VPNs suppor OpenVPN, an open source VPN. ‘that uses OpenSSL for encryption. OpenVPN is almost ubiquitous on Linux systems which means that ‘configuration should be straightforward vwhether you're connecting via the desktop, Cyenogenmod phone ‘ora Linux router. We've found the ‘most reliable method for configuring and enabling OpenVPN is via the ‘openvpn command line tool With ths installed and the ovpn fie bundle downloaded from your VPN provider and unzipped, simply configure an f VPNs support source VPN that uses SSL for encryption werkers to access the same facilities ‘as when they're in the office, only securely from a remote location. But cover the last couple of years there's been 2 proliferation of low-cost private VPN providers offering to tunnel your connection to some remote ‘geograahical location while also vetting your data for security and privacy, as Wellas ad blocking. These are perfect forside-stepping online restrictions and local security issues, —- —— a ~—- - a, aes * Pamort—aenannes = ae Pierkey omrioecwopemoncienthey @ 8 ‘wwrwlinuxvoice.com OpenVPN connection by typing sud ‘openvpn ~-config‘path-to-file.ovpr Within afew moments your network ‘connections will become rerouted through the VPN. The best way of proving this from the commandline istotry and access a few sites, oF Use a website to check your IP and geoaraphical location. f the VPN is ‘working, your location will appear to be where the VPN exits located, not the location of your local network provider, vo x ° , oonOPENSSH Talk to your Linux machines across the wild, wild internet. 1e couldnt write about ‘encryption without looking into the open implementation of the SSH protocol, which is also a great place to end our encryption coverage for this issue. This ‘wonderful offshoot of the OpenSD projects one of the most used and Useful tools ofthe Linux stack enabling ‘any two Linux boxes, r OpenBSD bores, to talk securely to one another across the wid of the internet Because SSH uses very litle bandwidth to gve you aremote terminal you can perform almost any task that you can locally, even ona desktop, using nothing buta mobile phone and a local GPRS network We doubt you need reminding of how itworks, but things dont get much simpler than tyoing ssh followed by the IP axckess of your server. if youve gota user account with the same usemame, youll only need to enter your password to getaccess. ‘makes your server more secure, 28 you can't get access simply by guessing ‘password, Todo this, on your client ‘machine (not the server), type ssh- keygen -trsato generate the keypair Enter a passphrase ityou want the added security of requiring both the key anda password, By default it wll ‘save bath keys into your -ssh flder. You can automatically copy the public. key to your server with the folowing command: ssh-copy-id-i.sshvidLrda. pub user@server. You can now connect to your remote ‘server without entering a password If ot, make sure the permissions are set correctly (chmod 770..ssh) Finally if everything is working, isable password logins on the server by commenting ‘out the PasswordAuthentication line inthe server's fete/ssh/sshd_config configuration file— and dori ase your local SSH keys! One feature of OpenSSH that isnt often mentioned is that is also cagable cof acting asa cheap VPN, tunneling Passwordless login ‘Armuch quoted improvement you shoul make is ocisabe password logins ike these and replace them wth themaco ofa pubc/pivae key pair that not only automates SSH login, but + ieee tp You can easily tunnel web requests through SSH withthe -Doption to create a SOCKS proxy. general requests through the same SSH session youre using for terminal ‘a00ess. I's nota fully fledged solution im the same way as OpenVPN — it uses TCP fora start. and OpenVPN should ideally be configured to use UDP. as it's faster and better suited topassing through NAT connections, but itsideal foradthoe connections when youte away from home, or need tojumpa ‘geographical restriction toyourlow-end-box. The command for doing this is sed -D 8080 usemame@server, setting up a SOCKS, proxy on port 8080 of your lacal machine You then need to configure either your ‘computer (desktop) or web browser to pass traffic through tis. In Firefox, open the Advanced settings pane, click on Network ‘wor linuxvoice.com Further reading Encryption, ecuity ad privacy have been an important aro our etorialcoveraye these lst two years, and our ‘ld articles are the best place to startif you want to ake encryption further (quick plug al subscribers get access to ‘ur ene back issue catalogue) Inpatcular in issue 15 Jake Margason wrote abilint tutorial on iding encrypted volumes in plan site, xo that ‘even the presence of your data becomes ambiguus. We ‘so covered the popular password store, KeePass,n issue 1, which is @ ret aternative to the humble pass tool we mention hee. Issue 17 was dedieatd to pivacy, and Bens cecellent cover festure goes in-depth on how snoopers get ‘sccezs to your data and how how to use ons ie Tro keep ‘ying eves aay There's also a great interview with Cony Doctoron. Final as one ast tip ~ keep your cstbution up to date Vulerabiities wil be fund even in tok ike Gru ‘and SSH, and the only solution to replace those ald versions with new ones. Ifyou want to stay ahead of security and privacy ‘issues, we can think ofno better source than Bruce ‘Schnle’s blog (htps:/wwn-schneiet com). and cick on the Settings button tothe Fight of Connection. From the window that appears, enable manual proxy alii: configuation adenteriocahost a2 = and 8080 as thepor. Tis wile. === route all web traffic tough the SSH tunnel. You can also do this for ol TT aa pence IMG -L.8080:localhost:8080 usemame@ an ‘server, which is useful if you want to tunel a single service from far away to ‘your local machine. We use this feature ‘to-access our router configuration page froma firewall we've configured to only allow through SSH. i 2DY AU DESKTOP SHOWCASE Want to change the way your desktop looks? Searching for a new Linux setup? Here's a selection from Linux Voice readers to inspire you... eons So qu ced ‘Cathedral-by-the- RRL) Py} ReesFEATURE LV OR = se? Sesrutes| mae Joined aUnumesce ie aceS8seceS.ptu-berlin. ge] has gut (Ping timeout: 256 seconds 30 t Solred wUimavotee atau) hes quit (ust: B30 & LANDING ose) < Freceye fun hse Jotnes stunavotenDY AU dade | ee eC oy ReesFEATURE LV Want your desktop or window manger featured inthe ‘magazine? Take a full-screen Screenshot in PNG format and malt to mike@linuxvoice com, ‘Add some words (max 50) about Your setup, such asthe Ww 4 lesKtop youre using and any ustomisations yot've made! roe LINUXVOICE ee some moe ea"=5 rato ap coy sxe ounNES Seiay VLC siaCala Ss Master your media playback. platform. Itworks even with fles that many other video players struggle to read, and has a simple, clean interface that's easy to use. Below this simple interface, however, there lurk many more powerful features, but theyre not abvays easy to find V Cis among the most popular open source tools on any Ble 2 tere [epee pee Play from YouTube ‘The YouTube web page works wel for short videos, but f youre setting down for ‘something longer, you might want a litle more control, perhaps over the ‘audio and video (see tip 7) over playback control (see tip 2). In these ‘cases, you can use ViCas the playiack device for YouTube videos. First you ‘need to use your browser to navigate to the video you want to watch then open VLC and goto Media > Open Network ‘Stream. Pastein the YouTube lik, and it will ply in the application. — OP rir sis ofernaiconeerto tse yarrmous:ottooat ca playback, but fortunately VLC includes a web server that can host a simple web: ‘page with controls forthe video, The easiest way to start this is by launching VLC from the command line withthe following: wle-Thttp ~http-password pass 10t This uses pass as the password if youre on a public network, yournay want to use something more secure. Open http:/:8080 to use the controls Convert formats Video players are fickle beasts, and just because you use VLC which plays just about everything under the sun, that doesn't mean you can ignore the problerns of others. Fortunately, VIC can convert between formats to make movies more friendly for other devices. Go 10 File> Sometimes videos may need cropping, noise reduction or adjusting the sync between video and audio — VLC can do all this on the fly 26 ‘wor linuxvoice.com Fear not For brave Sir Ben has trawled the graphical and ‘command line interfaces ofthis incredibly useful media player to find the eight most useful ofthese hidden features covering everything from new media sources to easy contral when away fram your desk. Never before has watching Monty Pytnon been easies! Convert / Save, then select the fileto be ‘converted and then press, Convery Save Inthe new window, select the ‘output options and press start Star ‘This method can also be used to save network videos such as those from YouTube, Capture video ‘As wellas playing video, iC can help youshoot ‘one. Go to File> Open Capture Device, select the capture mode you want (probably ether Video Camera or Desktop), and you can start recording, It ‘won't be able to replace proper recording software for seiaus users, but ifs more than capable for simple pesca O05" Wiles geal et pet acannon to aids soca esc cae) ou noo s gubtarfone nana es Listen to radio and,vic source: Musi/Police Dog Hogan/WestwardHo/12- No Wonder she D Type: le settings © comer 7 Display the output Deinterlace Profile Video -H.268 + MP3 (MPs) ump raw input § Geeveonncen Destination listen to podcasts (such as the theyte good to watch, This could fortnightly Linux Voice cast) goto View some judicial cropping, noise removal > Playlist then in the intemet section, from the auclo or adjusting the sync Glick the plus icon next to Podcasts and between the video and audio, There's ose || pescrigtion _ayces enter the RSS URL forthe cast.Youcan _noneed toreach from some complex cial ermal aisouse ths seciontolistentoan video editor though, because VLC eee csny inert rado station doalthis onthe ty, Just got Tools > folks Gon = fects and First setup whatever es 0 Record current video youreed eos — YYoucan ecard sections of oles oop sooroe she curently plying video 0 Bookmark a video ara a by clicking onthe record bution (aed ifyou fe yoursef needing eet or crcl inthe control pane atthe bottom to goto specie soenesin a cam) oben dog = cootae Of the VLC window IFyou dont see the video frequently (gerhaps youre button goto the View menu and.click watching Gladiator and need tire to (on Advanced Controls, takein the magnificent husband to Manage to set up the bookmarks, and ‘murdered wife! speech), you can make youl be able to tun to thase paints 0 ‘Audio and video effects _yourifealitle easier by bookmarking witha single click. There's no need to Sometimes, videos need 2 particular points inthe playback. Goto scroll back and forwards seeking outa litle treatment before Playack> Custom Bookmarks > particular soene again. ‘wor linuxvoice.com 21THE SNOOPER’S CHARTER THE SNOOPER'’ CHARTER The UK government want to watch what its subjects do on the internet - wrongly, says Ben Everard. Jechnology changes quickly, on the other hand, changes yuly, The laws we abide by today are roughly the same as the ones we followed last year andthe year before; in contrast, if we look back 10 years, the way we use tech has changed hugely. “Take smartphones, forinstance. In 2008 Goagle showed the world ts frst prototype phone, and the Android operating system hadn'teven been released. 2006 was also the ye surfaced that Apple was werking on a phone (which The UK Home Secretary says that we need a new law to govern surveillance on the internet, and she’s right ‘would be release the folowing year). Contrast that vith 2016, when Google and Apple combined have ‘over haif the world market share for mobile phones. Look at the web anda sinner thing is tue. In 2006, Facebook opened tothe public after having previously been limited to academic institutions, YouTube, now the thre most visited site on the web, was less than a year old and first caught the public imagination. 2008 ‘Was also the first year of Twitter Gobacka further six years and things seem even more distant Only four af 2015s most popular ‘websites even existed in 2000 (Goagle, Yahoo, TTencent QQ and Amazon). There wouldnt bea ‘Wikipedia for another year. Windows 2000 and ME ‘were the dominant new operating systems. Sun ‘open sourced OpenOffice org, though the 1.0 release ‘wouldn't be out for anather two years. Napster was sill less than a year old ‘This year, 2000, was also the year that the Regulation of investigatory Powers act ~ the main 28 lave determining the UK government’ access to ‘our cornmunications ~ was passed. twas written ata time when few could even conceive of a world where people routinely checked a collectively edited encyclopedia from their phones, and the idea of 2 social network hadnt yet germinated ‘Theresa May the UK Home Secretary survellance on the ntemet, and she's right. However, we need to be careful: any new powers granted to the state are likely to stay for along time, and wll apply ‘even when our use of technology has changed even ‘more than ithas singe 2000, Who knows what tomorrow brings? It’ impossiole to say what the future willho, but looking backat the change fiom 2000 to 2016 and extrapolating forward it seems almost certain that technology willbecome even more integrated into ou daly lves in ways we cant yet comprehend. t's wth this technology ofthe future that any ne aw ll interact, so we need to ensure thatt wil enable us privacy and security ina future word in which the amount of data aboutus stored online wil be almost inconcevably large. The craft Investigator Powers ((P) il eleased bythe government n November 2015 ives the state aveening new powers, but does it adequately protect our privacy? ‘wurwlinuxvoice.comTHE BILL THE SNOOPER'S CHARTER What's in the new law that the powers that be want to pass? ifthe craft P bill came into effect, it would alow the sate to compel ‘anyone providing communications services" to take“al reasonably practicable steps" to intercept the data of their users, Her there are two terms that have very lose definitions that will allow thebilto be applied in huge range of cases. “Communications service provderis aterm that can be applied to just about anyone who has anything to «do with any form of data exchange, from anintemet service provider toan app develope and teasonably practicable covers alt of things that ae easy todo butethically wrong, suchas deliberately switching to ‘a weak encryption algorithm, Dragnet! ‘The section ofthe bill covering buk data collection is the most worrying aspect tous at Linux Voice Itallows the goverment to require anyone who handles communications to hand over vast swathes ‘of data atout people who arent suspected of any ‘wrongdoing, The explanatory notes accompanying the bil attempt io justify these wth te folowing “Access to bulk data is crucial to monitor known and high rant threats buts alo a vital oo in cfscovering new targets and identifying emerging threats. The lav provides forthe use of interception, ‘communications data and equipment interference powers in buk Tese can be used fo obtain Farge volumes of data that ae lite to nolude ‘communications o other data relating to teroists and serous criminals Robust safeguards govern ‘accesso this data to ensure tis ony examined wher itis necessary and prpertonate todo so” hiss probably the most misleading passage in the notes, The frst partof the frst sentence is demonstrably false access to bulk datais absolutely not crucial to monitoring known and high priority threes, becauseifa threats both know and high: priority it cart be hiah priority witout being known), then thereisno need for buk collection = an individual warrant for the data onthe known threat would equally suffice The above quate then points out thatif they arab enough data, they probably get some relating io a ‘Global Internet Traffic wom opm ‘ono 9000 1wopn0 0000 0000 Petabytes per month ‘0000 20000 ‘ave 2s oe Year 207 2m 2019 Global internet traffic is ‘growing by 23% per year. If this continues, then ‘any interception laws will become 23% moce invasive every year. terrorists and serious criminals. While this is true, itis based on the logic that violating peopl’ rights is accentable'f you violate enough people that you happen to also violate the rights of criminals and terrorists — also know as the ‘if you arrest everyone, youTe sureto arrest al the criminals’ argument, Perhaps the most revealing aspect ofthis passage, however is revealed when youllook at it as a whole “Acoess to bulk data... also vital too in discovering Access to bulk data is absolutely not crucial to monitoring known and. high-priority threats new targets and identifying emerging threats, Robust safeguards govem access to this data to ensureit is only examined where itis necessary and proportionate to do so” This implies that the government wants to use the bulk data to look for targets and threats that it doesnt yet know about. However, the assurance that buk data willbe used only where ‘necessary and proportionate” creates a contradiction, since you can never knaw when itsnecessary and proportionate to examine dataifyou don't know [PX] the targets and threats V2 that youre examining it for. The only way that buk C) data can be used to identify new targets and emerging IN threats there ren robust safequards ensuring that its ‘wurwlinuxvoice.com 29THE SNOOPER’S CHARTER y exami ference powers that this new bil where bulk equipment int itisnecessary and confers, theyre unikely to back off when they have proportionate. Any more powers to attack computers in vast numbers. robust safeguard ‘Another asnect of the bill requires ISPs to hold onto would ensure that ‘everyone's intemet connection records (ICR) fora secutily services only _year. These ICRs will detal every communication fitered the data for you sent including web requests. This part of the bill known targets andaeady makes a distinction between metadata (thats, data identified threats about the communication including which machines took part and when it happened), and the content Hacked off of the communication. in the case of web browsing, The equipment interference aspects fthebill this means that the ISP will record every site you allow the goverment toalter ether the software or requested data fram, but not the actual page you hardware of your machines in order to extract Fequested. In other words ifyou vst a BBC news information. in other words it gives them the ight ta page, the ISP will ecord a visit to wwwxlbbe.co.uk. but hhack computes. ot the story that you visited. The explanatory notes It may be useful to target individual equipment describe ICRs thus AnIchis tis arecordof the when done in accordance with proper safeguard however there is no situation where bulk equipment. interference can ever be justified. tisnever ‘appropriate for security services to routinely h a person’ fulintemet browsing kthe leads. twould not reveal every web page that itor anything that they de an that web page” This requirement for only the metadata means The government will be able to build that sites can il be saved over seourecamectins up a far more detailed picture of your (HTTPS) without vlatng the law However its actually a more nuanced situation than ths, because browsing habits than first appears ‘web page isnt a single entity that you download in ‘one go: its made up of images id styles that ‘software and hardware of innocent peopie who aren't all comein cifferent requests. suspected of any wrongdoing. twas undera similar Each ofthese requests will go on your ICR, and. bulk warrant that GCHQ hacked intothe computers by looking atthe pattem of all these requests, the of Privacy Intemational, 2 icated tothe gaverzment can build up a far more detailed pi right to privacy. At the time of writing this hacking your browsing habits than fst appears. Depending is under investigation by the investigatory Powers _on the website visited, our tests showed that this Tribunal, because GCHQ didh’thave the powers that pattem of request was often sufficient to distinguish it would have under the new bil. I GCHO hacked the category of page visited within the site, and into the computers of charities before theyhad the sometimes the actual pages visted Left: Theresa May i the current Home Secretary, butte powers in the bil wll allow any future Home Secretary to authorise spying ofthe entire populus. Above: GCHO, based in Cheltenham, carties out much ofthe government's most invasive spying, 30 ‘wurwlinuxvoice.com‘Thecurrent UK govemment is tying hard to convince the population that bulk collection is an essential tool in the fight against tercrism:that by collecting ‘enough information, and by analysing it carefully ‘enough the security serves will be able to work out ‘who's @ terrorist and stop them before they cornmit. ‘anactoftertor. The problem with this that its mathematically wrong. ‘The first thing to take into account is that terorists are rare. Inthe year ending in March 2015, 118 people ‘were charged with terrorism offences in he UK. No attacks happened in the UK in the same period, so there can't bea significantly higher number of active terrorists than tis. The UK population is about 64 million people, which means that, even if we pia safe and scale up our estimate of tertorsts by a factor of 10, terorists only account for ane in 64,000 people. Now" lt’ consider the algorithm thatthe state wil use to process this buk data and find terrorists. This isn't an especially easy problem, since terrorists will be attempting to blend in, ndmany ordinary people's Curiosity takes them to websites about terrerism: ‘The algorithm will never be 100% accurate, so what happens its not? What happens f the algorithm is ‘ay, 99% effective at finding terorists? Enter Bayes’ theorem Bayes'theorem tls us thatthe probabilty ofa person being both a terorist and flagged by an algorithm that's 99% effective can be calculated by mutipying the probability ofa person being a terrorist by the probability ofa terrorist being lagged by the algorithm (099), then dicing the result by the probabilty of ‘somone being lagged regardless of whether or not they'e@ terrorist (0.01) The resuttis 00015. In other ‘words, the chances are that your theorelcal 98% ‘Speaking inthe wake ofthe Chari Hebdo attacks in January 2015, David Cameron iterated his desire tobe able to iteceot the entirety of online communications: "Butte question iar we going talon ameans of ‘communications whcht simply ist possible to read 'Myanswer to that questions: no, we must rot” The Draft Investigator Pome Bilis the fit of that esr, However, the Prime Mites ambitions ate not met by the new bil fortwo simple reasons: = Ieplaces the requirement to intercept data onthe telecommunication operator, but inthe case of user- implemented end-o-nd encryption (such as GP6) this afr has no capabilities to intercept the pain text. only asthe capably to fore companies with ‘operations inthe UK to comely with warrants. Any now UK cizen could et up an organisation ouside the UK offer truly private communications without the nad o comply with is fan THE SNOOPER'S CHARTER THE STATISTICS OF MASS SPYING Bulk collection does not and cannot stop terrorism. effective algorithm will actually be wrong 99.8% of the time, The reason for this apparent contradiction is because there ae so few terorists, The 1% of the time thatthe algorithm falsely flags a non terrorist as.aterroist (1% of 64 milion) vastly outweighs the proportion of the time that it correctly flags a terrorist (99% of 1,000). If this terorist search iter were used as an input for amore invalved investigation, the problems wouldnt get any better With a success rate of 0.0015, the security services would have to investigate on ‘average 667 people for every terorist they cauaht. With the UK police officer numbers having declined by 17,000 (about 12%) between 2010 and 2075, the police don't have the manpower to chase up this ‘numberof inaccurate leads, GCHQ is expanding bby7,900 anti-terror spies, but even these numbers fall far short ofthe number required to make their way through the sheer number ofleads that a99% effective algorithm would generate. Even ial these leads were followed up completely cortectly and every flagged terrorist were apprehended, the algorithm stil missed 1% of terrorists, so this would leave 10 ree to carry out an attack Not only does bulk collection not work, butit cannot work Targeted, individual surveilance coupled with traditional ‘methods of inteligence gathering and police work are the only effective ways of tacking the problem, Now write to your MP and tell them sola ‘wurwlinuxvoice.com ‘Thomas Bayes developed his theorem inthe 18th ‘century, and it stil has applications in bulk ‘surveillance and spam filtering,CHIP FH CHIP The Raspberry Pi Zero isn’t the only ultra-cheap single board computer in town. Say hello to the $9 CHIP. Next Thing Co, a small startup LEST SETS founded in 2013 and based in Oakland, Calfernia, The company's fist product was the Otto,a customisable Isn'ta chip just a part of a digital camera that’s powered by ~ ofall ‘computer? What's the deal things ~a Rasnberr Pi, By connecting with the name? the Ottoto your smartphone you © ‘Wedontthinkitsa great name add iter, perform post-processing either the CHIP has several effects and do other ticks without chips ont and searching fer suppert having tobe an expert in photography. Con the internet is going tobe tricky. Youcan even use the camere to take Googling for CHP not working’ is videos in animated GIF form which «ing to bxing uplots of unelated ideal youre locking o build up sweet, results, athough i's nat as bad as the sweet karma on Reds ifs forum situation in Gnome (Web wontt connect tothe, er web..) What i it that makes the CHIP Butanyway. CHIP or offically so special? CHIP, but we get a headache from EQ eens eee seeing it written ike that allthe time) ‘may all be cooing ver the $5 anuitra-cheap, $9 single-boara Raspberry Pi Zeronow, but back when computer very much like the Raspberry itwas announced, the $9 price point for PiZe10 Indeed it was announced and the CHIP reised plenty of eebrows in crowefunded on Kickstarter back n the wider computing werd Just the May 2016, haf ayear before the Pi Zero fact that fly functional usable ‘was revealed tothe word, andthe team computer (unning Linux ofcourse) behinditmanaged to get over would be available for under a tenner $2000 from almost 40000 was brainbending fr mary people backers That’ real computer forthe price ofa couple of beers a the pub Wow, that’s not bad. Who's Part of the orginal Raspberry Pi making it? appeal was itslow pie, We dont want CHIP supports wireless networking and Bluetooth out of the box, whereas the Raspberry Pi Zero has neither of these 32 ‘wwwlinuxvoice.com to-sound wasteful but there was something especially appealing about a ‘computer that you can break throw away and replace fora pretty small cutiay. The CHIP takes ths to thenext level: want to use. tiny Linuxcbased ‘computer for home brewing, monitoring wilde or doing other tasks where it ‘could end up broker? Buy a few CHIPS and if one buys the farm, just swap it ‘out for another. (And go without the ‘couple of beers at the pub that night 0 ‘claw back the cash) Fair enough, but the Pi Zero beats it in that respect now, doesn't it? Doesn't that mean the CHIP is obsolete? Wall yes and no. Both prices are astonishingly ow and its true that the PiZero has the edge if you really want to save every penny. But there are also some substantial differences to the hardware. Both devices have single-core 1GHz ARM CPUs backed up with 512MB of RAM = but while the PiZero requires a Micro SO card for storage, the CHIP has 4B ‘of flash memory but in Similary, CHIP has.a single fullsize USB port. in comparison to the Micro USB socket on the Pi Zero, so that’s one fewer adaptor you may need to buy. Andthen the CHIP supports wireless networking and Bluetooth out of the box, whereas the Fi Zero has neither of these. So while the PiZero may look ikethe cheaper option at first glance, when you star to think ofthe adaptors you may need tokitit outwith USB and \WEFi support its price can match (or ‘even exceed) that of the CHIP \Video-wise, the Pi Zero has a Mini HOM port (again, requiting an adaptor inmost use cases) whereas the CHIP justhas composite video withthe ‘option o convert to HDMI via another adaptor And in terms of GPIO. the Pi eto has the lead with 40 pins, in Contrast to the CHIPS 8 (although this, may change as the product reaches widespread production) ‘So both boards have their upsides and downsides. The CHIP is more ‘capable out ofthe box, but the lack of a Micto SD card siot means you have to {eal with the 4B storage limit or start adding USB flash drive or SD card reader ~ which again bumps up the total price ‘And what about those all-important shipping costs? A the time of writing, delivery of CHIP to adresses in the United kingdom and United States costs $6.22 using the charmingly named Super Standard Shipping method. For the Pi Zero, our fiends at Pimoroni charge £2.50 to post orders under €50 to the UK, or £4 to the US, So again the prices aren't drastically far apat inthis ‘department, and you could save on the postage by ordeting a bunch of CHIPs (Pi Zeros atthe same time. ‘What versions of Linux run on. the CHIP? ut of the box, the device will run Debian GNU/Linux, Next Thing Coiskeen to position the CHIP asa ‘general-purpose computer, capable of surfing the webs playing games and editing documents in ibreOffice. Given the computer's very modest specifications (and our experiences with the original Raspberry Pi), we think this might be overly ambitious — but ‘well know for sure when we spend more time with it But outside of home desktop usage, the CHIP could be a reat alternative for many of the jobs at which the Raspberry Pi excelled: robotics, home meda servers, simple network attached storage devices, classic 8/1 6-bit ccongole emulation, ARM assembly ChIP CHIP The World's Firsp $9 Computer! “Banana cable ave cane extra. extimated shipping Fane 2016 You'll have to wait afew months to get your hands on a CHIP but it will give the Pi Zero some friendly competition when it comes to embeddable computing power. hhacking and others, We look forward to seeing the CHIP hacked into old 2X Spectrum and Commodore 64 cases, running emulators and hooked up to televisions. OK, I'm sold! How do | get hold of one? Wel youll have tobe patient, Next Thing Co is working on ‘getting its frst batch of shipments out tothe Kickstarter backers ~ sothose are taking privity You can erder a CHIP from the website at www.getchip.com, bbut you may have to wait until atleast June before it will arivein your letter box. In the meantime, Next Thing Co has promised to senda review unit to Linux Voice Towers, so well havea Closer look at the machine next issue ‘and youcan start thinking about CHIP projects before yours arrives. ‘And what comes next? Is there going to bea CHIP 2 Ora CHIP Zero for 99 cents? Maybe one day! There are no public plans fora follomup device right now, but the Next Thing Co team arent siting around twiddling their thumbs. The PocketCHIP (www. Freeasin Freedom Meanwhile, unnaticed, Linx wl rewe come. _youhave the patience stuff of a madman’ dreams! Bocaon9ca000000Ks!!! 48 Group test ~ software licences. 50 Continue to power everything from ‘Avreloome retun to badass form from Kathy Sierra, The licence under which software i released {ridges to the intemet. Carty on! plus some ather books that aren't by Kathy Sera, can ma andrew@linuxvoice.com but wil also help you write beter code mportant in Free Software and beyond. wwuilinuxvoice.com 4LV REVIEWS Ee Rosia: ia a DT eo MURRAY Ardour 4.6 Graham Morrison finds another excuse to turn on his immense synthesizer collection. Web Ntp:faréourora Developer Pau Das cence Pu This release also has ‘support for a major external controller, the Presonus Faderport 42 'e dont always agree with the monetising ‘methods of Arcours author, Paul Davis, At he moment, for example its impossible to download a binary of Ardour from is main website without going through several nag screens, paying a one-off (ow) fee cr buying a subscription 's completely within Pauts rights to do ths, and there's nothing stopping anyone downloading the ccade from Githiub and compling the packages themselves (es we di). But binary obfuscation ist going to help Aro fe dont think making ‘something harder t.access is going to improve Paul's profits, especially when Linux distributions are going to bundle their own versions anyway and OS x eS will just pirate something else. We humbly suggest that Ardourneeds to get more, rather than less, exposure, and another sold update lke this isa great advertisernent Ardour isa mulitrac tor. Unlike Audacity, i's designed to record and mix multiple recordin together much as an engineer wouldin arecorcing — www. linuxvoice.com studio. We useit to record our podcast. Is briliant, and recent releases have taken the application from a dificult niche to what we feel is imminent mainstream recognitior ‘46 is ahuge step forward too, mostly int Ardourhandles plugins. These essential components, lke fitersin Gimp enable you to process autho, changing the perceived volume of a track, add ec or distortion, or whatever else the plugin developer has imagined. There are hundreds available for Linux and theyre fundamental to Arcour's functionality ~ we cant believe Ardour doesn't include its own compressor, gate and equaliser fr instance. But these extemal plugins are now a lot easier to use. The main meer view even lsts your favourites right where ‘you can drag them into your audio tracks. You can drag and drop presets too, enabiing you to ky save and retrieve your hardiwesked parameters, The miser view in generalis now 25% ‘GUI has had lots of minor tweaks to things look better We also appreciated the abilty © tum off all plugins when loading a project, as. some plugins can cause a project to crash, Mo: similar applications have had this feature for years, vdouris developing at an inceedble rate, and t quality of each release is staggering. Allwe can add is that if you use Ardour professionally i's entirely worth spend eway Paul Davis nd the Ardour team ate doing an amazing job creating a ponertl opensource sudo editor torial Cube, Logi ot Po Toa OkPRIVACY-CENTRIC DISTRO ‘What Is My IP Address? IP Address Tools and More - Tor Browser /@ What is My IP Addres... %\ 4 Tails 2.0 Your IPv4 Address Is: 217.115.10.134 Anew release of this Tor-based distro keeps Mike Saunders safe online. risa fascinating project. It aims to provide I cettain level of privacy and anonymity online by routing traffic through anetwork of thousands of relays scattered around the globe, but its being attacked from all sides, Sure, there may bea ‘ew bad eggs using Tor for nefarious purposes, butit helps countless peaple in not-so-demnacratic ‘countries communicate and get access 10 information that would normally be blocked. Instaling Tor manually can be rather fiddly, so one solution is the Tor Browser, a prepackaged bundle of Firefox and Tor. Just launch it and start browsing — its then very ficult for websites you vist to determine who you are, But stil if there's other unsecure software on your system (especialy if youre running Windows), using Tar Browser alone isnt enough Here's where Tails comes into play. “The Amnesic Incognito Live System is, asits name suggests a ive Linux dist that routes all its network traffic through Ter Because itruns in live mode from a DVD or USB key, itleaves no trace on your hard drive (unless you explicitly choose to save files manually), so you can boot up a PC withit, do your work, and then power down the machine asf thadhit been used. So, what's new in Tails 2.0? The biggest change isthe switch to Gnome 3 as the desktop. Sensibly, the Tals team is using the ‘Classic’ mode of Gnome, ‘0 that itlooks and behaves more lke a traditional desktop. Claws Mal has been junked in favour of Web hps:ais oun arg Dveloer To and Tals eas Plato 22 While Tor Browsers the star ofthe show there re ‘ther programs inluded for communicating securely olin, sch a3 soresemn Soc 7 nave (a ebranded <2 Thunderbird). Jcedove (an untxanded version of Mozila Thunderbird), while the Tor Browser itself has been updated to version 5 5a6. We've always been fans of Tals, as it really focuses ‘on making privacy and security accessible tothe masses, This new release upgrades the distro with a better desktop environment and emai client (nothing against Olaws, but Thunderbirds abetter chose for less technical users). With certain governments desperate to monitor everything we do and put back doors into encryption, we need distros like this. @ ‘The saith to Gnome 3 and Thunderbird keeps Tals fresh, adem and ideal or pivete browsing wk kK ‘wwlinuxvoice.com -NS ISIS) WINE 1.8 FROCHIX:SCH Wine 1.8 Ben Everard messes about with some Windows software — all in a good cause! =e Emuator~ however this changed when t became clear thatthe project wasnt and wouldnt become, an emulator. The projet kept the same name but switched tote recusve acronym Wines Not an Emulator instead it a compatbity layer that enables the user orn Windows software Avitshear, any pice of oftware (whether its compiied torn on Linux or Windows, is just made up of machine code instructions, These ae forthe (CU and cont care about the cperating systern running, The oly compatibity problems anise when this machine code wes to access the ibrar of code thatthe operating system supplies as these bares diferbetween Lina and Windows Wins an attempt torecreate the windows ibranes (and other API) in Linux co that executable files fr Windows wil unin Linux The problem forthe Wine developers that his set of Rares is huge, complex, poorly documented Web gs tmwmcvineh arg T: ame Wine originaly stood for Windows With Wine you can enjoy classic Windows games such as Microsofts Pinball on Linu. 4 and changing. Wine is incomplete and probably always willbe, but it doesnt have tobe perfect itjust has to be good enough torun the software you want ‘torun and each release, Wine getsa lite closer to ‘matching Windows, and so more and more software runs. You can find out whether 2 particular piece of reruns orn king atthe application dtabase (https://appdb.winehg.org), but bearin ‘mind that this is based on people's experiences and ‘may be wrong or out of d Perhaps the biggest challenge for anyone using ‘out how to configure it for each application, This can bea significant challenge, and the simplest way around itis to use Play On Linux (04), This contains configurations for many popular applications (as you may guess fram the name, ‘many of them are games). POL uses known-good versions of Wine for each application, so you wi immediately benefit from Wine 1.Busing this ur configurations are updated. The development of Winenever stops, and version 1 Sis already out, however, thisis a development snapshot rather than a stable release. The next main version willbe 1.10 which is scheduled for release in December 2016. Wine 18is the most complete release to date, and ‘well worth an upgrade ifyou need to run Windows software, However, until the configuration is easier, "recommend vanilla Wine for regular users. @ t the ‘Av exelent way to un Windows software without having oda boot, but letdown by complex contiguration wadMODEL UammoR Al~THE NodeMCU Ben Everard tests out a small board with big ambitions. canter wh WF for ncn on A der migh seem ie an trposble earn oer ok oa DW Frais st mere tonto Hever e NodaU rety dos elvr thespromied van one contents ay feces eke conpteing omirocotal eee ern dno on i ese ner dato for at mater tutyoucan pogamntonn acing spiaten Th tery ny raring wah re Noda Fadi i bi St doi ba i screen US po nig oer stand etl Dor setare Goch come) seca cfware tesgned rs noch an Era. Ung Sie omer esiaeae oeegad NedeMOU osendendtagestata rs ientwa Coupe wih enewoninginctore arog sptlnpuVodputeinaoneansoge cut an SA pun 2 Tovate wang moalc ey (escn? Scl cOaa OU ot feces wath rented pgm te doe “Trecanneavnseloarandiow stl wodevOU mate fr buldng mretoF hs pan ery peleenn oun ow host srs heey Wocket rest ary scpectoyourenirment Temizononolers perl cop faring we overt poe eer any teva comet tap ESPE2GanOO Li} aU HU REVIEWS LV ia CG Nh aes Stak «: eR METER: si worn ocetCU com eit ‘nde ni Developer NogeMCU team Price Frm ‘The ESP8266 Wi-Fi module provides all features of the NodeMCU. Both the processor and the Wii ‘connection came from here, eed The downside to the NodeMCUis that its stil, ‘quitenew and not as popularas some other rmicrocontrallers (such as the Arduino), so there's ‘not much other hardware designed to work with itat the moment, There's also not much useful documentation for people new to microcontrollers. However, if you have some experience with similar devices and are looking fora Wi Fiplatforn, the NodeMCU may be the best option avaliable. A price and performance thats unequaled in vareless miercontrols but better ‘hcumentatin for beginers is needed. kkk ‘wwlinuxvoice.com -GAMING Michel Loubet-Jambertis our Games Editor. He hasnt hada decent ight seep since Steam came out on Li. noe a must-have for Linux suming, Wine as become inereasigly edundant of lat. This is ot just et the increasing number of waive tides ‘nallable, but lot the lack of Direct 1 support, which snow exe for most AAA tiles. While the compatibility ayers stil cellent fr olde titles that are unlit eer et Linx support, such 2 Styrin, gamers are going to bebiteriy disappointed if trying out something ke Fallout which does support DirectX 9. There fs ‘Simply no way trun such games, let ‘one wll and with th lease of Direct 12 right around the come, Wine i lagging bebind ‘Suppor forthe API hes ben in “experimental” stages for awhile now, and developers have been working hard to address this elephant inthe oom. That said once support. isavalable, were uniely to see a bunch of DX1 games werking overnight With hisin ming, the saftware has been taking more of "legacy" oe for cde tites. We a crssplatfom API such a5 \ulkan suecessr to OpenGL) would bethe ideal ong term solution, and is ely to gain action over DX12 (f ony forts cross platform support) this wl ao take a while to became anindusty standard With hs ining, Wine une to disappear any time son, since easly portale AAA games aestila while of, and there wil always be 2 demand to play lassi titles of yesteryear such as Te Sins without the ned to instal Windows 46 Divinity: Original Sin - Enhanced Edition Atrue overhaul of a classic formula. any games have claimed to bring the dated CAPG genre into the 2st century but few have reall followed upon those claims as well as Divi Original Sin, From its fantastic fully 30 graphics to its usage of full voice acting tis clear that the game doesn't simaly seek to cash in on nostal This is most evident from the incorporation of controller support, something that previously seemed impossible todo in such a game without dumbing it down significantly. Though there are stil needlessly clunky inventory menus foundin CRPGs, navigationis streamlined and easy to use. The drawback of using a controller ‘thoughis that text boxes get enlarged during clalogue and cover the whole screen, kiling ‘much of the immersion ~ something that seems redundant given the full vice acting Though the stor follows many oft fantasy trapes involving dark quis and plots ‘to.doom the world t doesnt come off as overly dense given the presence of lighthearted gags Simviery, the game at no point bornbards the player with countless text boxes desc Send Cos inn ‘The game is highly immersive, but doesnot shy way from humour, pacing that has traditionally been the bane of such games, Dvinitys stil nonetheless very immersive, with plenty of cigressing and sidequesting his is enhanced further with the rich, colourful ‘world, which is second-to-nonein the genre, Furthermore the ability to zoom rightinto the characters ta the point of athic-person perspective isa very nice touch, adding even more immersion. The story follows the usual fantasy tropes involving dark guilds and plots to doom the world wwuilinuxvoice.comGAMING Saints Row IV Some crass sandbox silliness. ow goes all out with the sandbox genre, giving the player unbridled freedom in its world which includes the ability tojump atop skyscrapers and run faster than cars, However, the game's biggest selling point is also one ofits biggest weoknesses, since these abilities are avaliable near the inning ofthe gare, which gives litle sense of progression and challenge ‘Asis expected with the genre the story the game's brash humour siliness and rodies of popular culture. Every aspect, downto the intricate character eeation is dialogue and characters, ae designed tohave the playerin stitches, In the end, Saints Row iV delivers exactly whatt promises: a healthy dose of fun itis for this attractive pi game so popular sson, along with its very ead ns fireworks toit Grid Autosport Easily the most realistic racing simulator to be released on Linux. he car-shaped gap in Linux ‘gaming is gradually being filled, and Gi addresses the par that gap concemed with realistic driving simulation, adding tothe batt a arcade racers released recently features everything one could want from a racing game pl ‘and cars, realistic physios and: satisfying graphics, Theres a wide range of classes tochoase from, including touring cars and endurance, “The online muitplayercan be very enthralling, uta kttle intimidating to in with. For the lone wolves, there's a y career mode wi advance among the dfferent classes and {get signed to bigger and better teams as the career progresses. This canbe challenging, but for casval players there are options such as the ability to rewind the player can ‘The game features many well known cars ‘and tracks to enjoy following a crash and display ideal racing ines on the track It's hard to pick any holes in Gri Autosport. Its a must have for those mor sefious about their racing games, while also recommended to those seeking something more casu wwuilinuxvoice.com 47Waa BOOKS Beyond legacy code Ben Everard avoids legacy code problems by using low-quality hard drives. ‘uth Davd Seat Bemetein Pus Pragmatic Bockshelt Price £25.50 10978 eens00700 ‘of programs running today that are hard to maintain and prone to breaking, They‘ a huge source of problems for anyone working in the IT industry, rom developers who have to wrestle with ther in corde to add new features to sysadmins who have to keep od cists running because the legacy code relies on an end-of-ited package. Beyond Legacy Code isnt book about how to solve the problem with the legacy code we have now its about how to solve the problem we will have wth legacy code in the future. In other words i's about \wtting code that will stand the test of tme and remain useful for year. David Bemstzin prescribes an agile ‘approach to this problem. He is keen to point Lz code refers to the vast number cut the importance of actualy beng agile not just adding an agile veneer to outdated software development methodologies. His approach is summed up in rine practices ‘hat, when propery understood, ensure that not oniyisagle development used, butts benefits are actualy rekse. Bemsteis advice is based on ahuge amountof experience and isnot only 28y 0 folow but easy to understand Thisisimportant because is only with this understanding thatthe principles can be properly applied to each project. Fewer than tl of al sofware projets are sucessful I more people followed the book, that would nereacedramatcaly, Ok Learning to write easy to-maintain codes a gift to your future set Reactive Programming with RxJS Ben Everard attempts to code using Newton's third law of motion. Author Seg Mansi Pubs Pragmatic Bokshelf Price E1218 Ison 9781660501292 ont cof thsi aboak Dieser eve Reazhentrtto otter dot bok bout bug ace websies Rubisco ateeose Sjotpyanmngttsiorcunue Sores tongoten NET ate hn ‘website design. In this style of programming, dati destitnsvee tatcnbe Msdandacted gen. These teas (ounce cova) ae py fervor celng woop dato Pace Poa wh Roose sorte on Pence doctpret ‘afrtarget Jaascpt othe fer tbe alr nthe one trait ho ty haere aayconus erring Se Mars 48 wastes no timein getting dovin to the nitty gry of RxJS and howrit can create readable, clean code where before lay a ‘mess of callbacks and event isteners, While Reactive Development exists in ‘most languages, this back is prabably a litle ‘00 tied to JavaScrit to be useful to anyone looking to gain the advantages in other languages. However, Reactive Programming with RxJS does cover RxJSin Nodejs ‘as well as the browser, so with this one ‘ome. you gain the skils to implement the programming style both on the server and for your end users, -Astaightforwatd oud to gt you started wih XJ quick. KKK FxJS: Code as neat asa knot of rainbow- coloured cables, ‘wor linuxvoice.comBadass: Making Users Awesome Graham Morrison finally gets another Kathy Sierra book athy sina ‘Rely 1999 s7a-1asn930019 ‘eve been huge fans of Kathy Sierta for along time. We first discovered her work through ORellys'Head First seties of books, which Kathy helped to formulate after co-authoringt first ile, Head First Java, back in 2003, Witten by Kathy and her partner Bert Bates, it combined her extensive Java training experience (from un Microsystems) with her ability maximise attention and concentration, pethaps thanks to her prior experience James programmer. That first book contained many Of the elements that have gone on to make the series so useful, But mostly, itwas successful because of what it dd not contain: in comparison to the average OReilly book there were far far fewer words, There were no lengthy essays, no wordy diatribes o syntax, no backgrounds or biography and defintely no reference material. Each book was composed Cf simple ideas linked together by nemeike images, phrases, charts and remarkableinsight. These ‘components were sewn together to ‘engage the reader from the beginning right through to the end Intheory, tackling big sub Javain this way shoukint ‘complex language that can take years tomaster, But Hea not because it’ a sugar rush of quick and clever ideas, but because itunderstands the limtations o ‘a subject through wor riters probably assume, fr exarr that most people who start a complex ely bock dont finish a complex ORelly book. Yet most of us shouldnt ‘ouble finishing any Heed ttle and even rereading it several times over And thats the series’ killer feature; accessibility via a natural nguage’stye of teaching ‘After suffering serious online assent in 2007, Kathy Making Users wesome Too often the goals of a company and the goals ofits users aren't just different but mutually exclusive” stepped out of the imelight, and it has understandably taken her along ime to venture back ~ fst with some excellent blog posts, then with some presentations, and now finally wth ‘anew book very much style Badass: Making Users Awesome is worthy retum, and its wonderful to seeher and her trademark teaching ‘approach back in print. Badass doesn take on the complexity ofa language lke Java, butit does attempt to answer a vital question relevant to ‘many of us, “Given competing equally priced, equally- prom hy are some products far mo suocessful than others?" ther your product is an app, a ‘game, a blog post or aprint magazine, Badass takes an othogenal appreach to helping yau understand how best to Feach your audience. purely from your Potential user's/teader’s perspective, It does this by persuading you to forget the’brand’ and concentrate on making your users fee! awesome after using ‘reation, Only then wil they become your vadass’ users and help your endeavour to succeed. It's a nable ‘approach that's utery right. ‘A fabulous read ltbough its unkly to Imake ue suesome overnight, wwuilinuxvoice.com BOOKS Py tae ere any etn Tey OMENS) 49OUOU SSS) FREE SOFTWARE LICENCES GROUP TEST If you're starting a new Free Software or open source project, you need to pick an appropriate license for it. Here are our recommendations. On test GNU GPL Pave? Ea ‘URL wivn-gnuorglcenses/ ‘gpF-3.0.enhtml Originator Free Software Foundation The license behind the Linu kernel and other big-name projects. Affero GPL ‘URL nvn-gnu.orglicenses/agpl html Originator Free Software Foundation Like the GNU GPL but with extra clauses ‘to make sure our freedoms are not ‘curtailed by “software as a service” BSD Licence URL ww opensource orglcenses/BS0- 3-Clause Originator Regents of the University of Calforia > Anopen source cence allows code to be pulled in to proprietary apps. Licence 2.0 ‘URL woww.perlfoundation.org/artistic license_2_0 Originator The Pel Foundation irten by Lary Wal and used for many Peilimpementaton and module. GNU Lesser GPL ‘URL ww gnuorg/copyetlesser html Originator Free Software Foundation ‘Aversion of the GPL that lets Free Sofware Ibravies be used by ‘roptay software. Mozilla Public Licence ‘URL vww.mozilla.org/en-US/MPLI2.0/ mozilla Srp tet rtaon Used by Firefox, Thunderbird, LibreOffice and other apps, aiming to Inidge the gap between GPL and BSD. 50 Free software licences ithe proprietary software Tivitssevincise softwarelicences, Many of us who oocasionally spend time on Windows or Mac 0S X ae fia with huge EULAS (End User Licence Agreements) which goon for thousands of words and contain rigiculous amounts ofjargon and legalese. So virtually everyonejust clicks accent without paying proper attention Infact. the stuationis so bad that one company, PC Ptstop puta notein ts software's EULA saying the ist person toemaila specific adress will get $1000 took four ‘months and over 3000 downloads before someone actualy read the EULA\n fll and requested the prize Herein the GNU/Linux wold, its very different Ouricences are intended to protect our freedoms, rather than take them away,and they're usually written with real people in mind and not just lawyers ‘They/re shorter, they're clearer, and they ty to explain how they want to help developers, users and (sometimes) software vendors benefit from access to source code. But there are many licences — and the differences can have abig impact on the success of an open source project. So for this months Group Test we thought weld step aside from software and look at the licences behind it Its good to beaware of thediferences asa regular Linux users, butts even more important if you plan to start ‘an open source project in the future, cor at last contribute to one. Well focus on picking out the ones that are the most beneficial to our software ecosystem as a whole. There are many licences, and the differences can have a big impact on the success of a project eC ues ed eed omen et Pees Pe Pe eae aoe m0 ra met? eee The Fre Software Foundation is keen Pe etic ce ied eee eet es Pere ey ‘wor linuxvoice.com Pte onary eee ees See er ee res See cord red er eerie ard Ce eer en rae aa) eee?FREE SOFTWARE LICENCES | eile Usis=Siy Asingle-clause licence Do What the ‘Flip’ You Want to Public Licence. ost ofthe licences inthis Group Mi ences Free Software and open source projects with multiple developers and thousands or milions of fnes of souroe cade, But what if youve written some srl snippet of code that you want to share with the worl but you dott want the cemmplexty of picking a cence, making sure allyour codes comaiant with t and distributing it GNU GPL Freedom through copyleft. 1 GNU project has contributed so I much to what we call Linux today (hence the use of GNU/Linux by some advocates) the GNU library, 600 compiler suite, Emacs and many other major software components that make up a free ‘operating system. But equally imaortant is the licence that GNU created: the General Public Licence. This is not just apiece of text describing what you can and cannat do’ source code, but a powerful document taking important sacial and ethical positions ‘with a goal of preserving and furthering our software freedoms. Back when Richard Stallman originaly developed the GPA, the main other ‘open ‘source’ ieence was the BSD Licence. This ‘was just a few paragraphs saying:here's some source cade, do what you want with it but give the original developers credit (we.cover this licence and its impact in detail later) While this cence provided developers with plenty offreedors,itcidn' forcibly preserve thase freedems, Anyone could take BSDicenced code and tuckit ‘away in proprietary software, so the original developers couldnt benefit from updates, Right from the start, the GPL takes 2 diferent approach, One ofits opening lines is:"The licences for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public Licenceis intended to guarantee your freedom to share and change all versions Cf a program” This guarantee" is crucially important if you release your code under the with your work (especialy fits longer than the codeitsel? Here's where you could use the WTFPL, ‘or Do What the Fig’ You Want to Public Licence. (You've probably gathered by now that Flips actually another word in the real licence tex.) If singleclause licence that has a tiny preamble and then says: 0. You just DO WHAT THE ‘FLIP’ YOU WANT 10, GGPL, it will ahways remain open for anyone to dawnload, study, ‘modify and reaistibute But what part guarantees these freedoms? Well Stalenan cafty used copyright law — usualy intended to prevent people from copying material ~ and used itto ensure that freedoms cant be taken away Because GPLlicenced software is copyrighted (eg by the rogramis author orby the Free Software Foundation), and the GPL is copyrighted document as well users of GPLed code cannot omit any ofthe four essential rights when modifying or distributing it ‘The four freedoms And these four rights are: the right to run the program as you wish; the right to study how it works and modify it; the right to istrbute copies; and the right to distribute your modified version, The GPL guarantees that these freedoms ate preserved, which is ‘boon for most of us, but can cause issues for some developers working on projects containing a mixture of open souroe and proprietary cod Indeed, many proprietary companies have put into piace a "no GPL" policy — don't even look at or touch any GPLed code, because if it somehow ends up in our product, we may have to release the whole thing under the GPL. We dont find this abig issue, however ~ the GPL is all about our freedoms as users ‘and hackers, and not to make life easier for megacarps ‘wor linuxvoice.com Inother wards, no worrying about rights for distribution, modification, inking patents or anything lke that ~ developers can simply take the code and do anything with it, Effectively its very much the same as putting your code in the public domain, It not very popula, though, as most open source developers stil want some credit for thei work even if they dont want to impose any other restictons, The GNU Project has brought us many awesome components fora fre 0S, but also a philosophy and licences to match, Uttimately the GPL isa rather long document at 5645 words although still far shorter than many proprietary app EULAS), and some developers take issue with its political stance and “enforcement” (‘ether than optional offering) offreedons. But we thnk’ an incredibly well thought- ‘out decument that has made the FOSS ‘community so strong, and just keens getting ‘more useful with each year. eas eee Pree esaree) ered peters 51FREE SOFTWARE LICENCES Artistic Licence As used by Perl and many modules. exmay okra soto Presets about hot and trendy languages suchas Goan but lon imyetatrmoge thts dre pty ofeertonsaves tun evo cseiyn tt proces Some cols cise Plog how im ucteralyelanuape cenpackino nots te char Lewes scares thet re teugh some mar nostaters overthe yess Te orga 1 verson fered otto isan fr beng toovagcin porary Ka with Pe eam an ee Sofware Foundavonioceste he Cares Peruse rise uence 20, are ‘Super Nintendo er this newer version, So, what does the licence specify? Well its very heavily fecused on what you can do with mocified versions (of aprogram. Youre allowed to take some code released under the Artistic Licence and make another program ut oft, providing that you ‘clearly document how it liffers from the standard version’. In other words, you demonstrate what you've changed, what youve added, what features you've implemented and so forth. You must also ensure that users ccan run both the rigina version of the modified version lator already use software and your Pet 6 wil use version 2.0 ofthe Artistic Licence. Heres the language's cheerful mascot, Camelia, Perl fr instance, you need to make sure that your new version does trample allover the oficial release (and Perl programs on a freshly installed simuitanecusly So if you decide to fork Linux instalation don run your version by defaut It's focused on what you 5 can do with modified ae been versions of a program Cth Mozilla Public Licence As used by Firefox and LibreOffice. swe seen the GPL is the best choice of license if your prorty's freedom for end users ~ that isthe freedom to study ‘and modify al pats of your software, ‘and these freedoms cannot be taken away, The BSD Licence, in contrast focuses more on freedom for lopers; specifically, the freedom to use code in proprietary products if desired. Both ofthese licences serve their target groups wel butis there a middle point? The Mozilla Public Licenoe may be the solution here This was oxiginally written by Mitchell Baker of Netscape back in the late 90s, as the browser Joper was toying with the id (of going open source. nits fst incaination as the Netscape Public Licence, it allowed cade developed in the open source community tobe incorporated into proorietary products, which didrit win applause from 52 Software developers, So the Mazilla Public Licence (MPL) was bor, and it tekes a clever approach: code that is licensed under the MPL must remain Under the MPL, even after modification, soit always remains free lke in GPLed code, But It's possible to mix MPLed code with proprietary code, creating a proprietary product. fyou make such ‘a product, you dontthave to release the proprietary code you wrote yourself, but you must make availabe the ML code you used along with any changes to it. Caudine fork inthisw Use MPLed code such as the source tree for Firefox, LibeOtfice and other flagship open source apos, and build products on top oft. If they add their ‘own separate features, they don't have torelease the code for those, and they {get a commercial tenet over the competition. But they modify MPLed ‘wor linuxvoice.com ‘Want to keep your code open, but don't mind it being ‘combined with proprietary code? Mozil has the solution. code created by the community, we ‘must get the changes back to benefit ustoo. VERDICT ead popesFREE SOFTWARE LICENCES BSD Licence : Another perspective Permissive and proprietary friendly. on BSD How the licence encourages adoption. ne argument in favour of BSD-style permissive licences that often comes pis adoption of key technology and standards. Ifyou want to get the whole world . > free eer etee palatable tas many people as possible. Oneexan OpenSSH, the ‘secure remote shell tool ubiquitous in every ‘moderrish operating system (even Microsoft is starting to use it). BSD fans have often claimed that the permissive i sshelped with ts adoption, because any company car start using it without having to think of legal issues or releasing changes back tothe world OpenSSH is a wall tes ngineered ‘The FreeBSD operating system is the most prominent example ofa BSD Licensed project. piece of software, and thanks tothe BSD very few people havea beef using it Note that unike the GNU GPL Yad it been released under the GPL, a lt of ‘companies and software vendors could have had concerns usingit and so: ‘vn versions and we'd have lots of potentially insecure, slightly in the internet. Maybe some companies would Who wins in the end? have forked older BSD Licensed versions and w the side effect ofthis li the situation would be a jolly big mess, take BSD-lcense Butasilis, OpenSSH has become the de facto standard for command In remate machines, and with pretty much the whole world using (and examining) the sarne codebase, strong project with a ord and no major forks cof this ke the GNU originally drafted w ating by thousands of projects. licence ~ today it BSD refers to th Distrib ompatise versions all over FreeBSD, Open8s famous for being portable t ing) As it stands t three requirements torecistnbute the software in source ‘and binary formets, with or without iding 1 souroe code contains @ copyright faimer (the latter say flawed ~ afteral mpanies that of ingle line of cod ence is arguably better he GNU GPL in that erspective anty binary only Ge freedom and 2 (although atthe ex freedoms) «simply want used as muc endorse or promote philosophy or pol beused software derived from it without specific in short: do what you want with it ‘The BSD Licence has helped one open source give us credit for writing ft dorit sue us projet to utterly dominate ina certain task. it breaks, and don't clain we support your wwuilinuxvoice.com 53FREE SOFTWARE LICENCES GNU Lesser GPL vs Affero GPL What do these two derivatives offer? ichard Stallman and the Free Software Foundation often get [/ G meanuctay, flak for not budging one inch ¢ oat aI ti0s 200 )8 when it comes to other philosophies s andideas. But we think this is unfair, ‘and one example of when the FSF has been able to compromises the GNU Lesser GPL (aka LGPL). Essential, the LGPL is very much identical tothe regular GPL. but includes an exceation it ets proprietary ‘software link to LGPLed software so that the former can use the facies of the latter Ths s especially important in terms of lioraries ~ collections of ‘software routines that an end-user doesnt run on their own, but which provide support for ather programs, Forinstance, the GNU C Library {Giibc), which provides various input The GNU C Library (glibc) cane mpg rs nt rr ee te ten ‘The GNU € Library is used as the C Nbraty in the GNU system and in (GNU/Linux systems, as well as many other systems that use Linux asthe Project Goals ‘Th GNU C Library ie primary designe to be «portable and Fi tollovs al ferent aerating 80 C11 End Posi t2000, rs also internetioneled and as one of he most ‘complete internationalzation interfaces known. Current Status ‘maths and other routines is released nage GAs ‘The current stable version of glibc ls 2.22. See the NEWS fle inthe gibe program can link to itand use its ‘The GNU Library isan important component of the GNU/Linux system, andis released under the LGPL. routines, without that program having tobe Free Software (eleased under the proprietary anp developers? Well when ‘your computer, they must (on request) GPL) aswell. Many other libraries have a Free Software library doesn't offer ive you the source code andlicence been made available under the LGPL, many more features than a proprietary as well But whatif youre not running ‘50S not uncommon tohave apiece of one, it's the lesser of twoevis ita GPLed software directly, but over the proprietary software that spends most proprietary app uses the free library, internet? Think ofall the web apps out Of its execution time inside routines ‘there ike web based eal cients provided by LGPLed ibraries, The Affero alternative yyou'e not technically running the [Now given that the goal of the GNU The Afferlicence tackles a different software on your machine, but merely projects to have a completly open problem. if somecne gives you the viewing the resuits of t running on ‘source operating system, why caterto binary of aGPLed program torunon remote one, so should you then be able torequest access to the source if that code is GPLed? Long before the emergence of cloud ‘computing, which brings up this very issue, Richard Staliman and others had noticed that t could become a problem, So work began on the Affero Public Licence (aka AGPL), which is very similar to the standard GPL but includes an extra clause dealing with “remote network interaction’ and says if people interact with your AGPLed $a renseenisem ores —€ 18 neotren = 2, ee eee Tight to request the source cade to that software ~ and at no extra charge. Tena Project group information Projects S Bore 54 ‘wor linuxvoice.comFREE SOFTWARE LICENCES [ee Usisssiy 4) OUR VERDICT Free software licences license is GPL, the world would look very intrinsically ‘best is very _aiferent today. Sure, we'd stil have mucha matter of some open source projects ike pinion andweknow thet some the BSDs, but thanks tothe GPL may disagree with our we have an enormous tapestry of findings here, And utimately, souroe code out there that was, is, diferent types of project have and aways will be free, The GPL iffeent licensing requirements, so makes us tink about the sacial worth using Aipstcuecacnet yucroyrrvor aco (a westiluse outofhabt its avery simple and short, andin many ‘wel thoughtout document that cases companies hat use BSD _—_WWW@pensoure.orficenses/BSD-3-Clause als with today’s concerns despite code tll conirbute their changes | Has very few requirements and permits usein proprietary ‘originally being back (such as LLVM/Ciang) Products. But as weve seen that’s not abways lad. ago Richard Stalman foresawhow Artistic, Mozilla, GPL and the software world would develop. all have their goals and purposes reated a licence toprotecthis too, Butultimately, the original GPL ‘work against it embodies the spiitand community Without apowerukcopye —ofFee Sofware theless. | MMRMNMMROMIRMPLS freedomceticercetiethe extent andthatsivhywelove | Matera tit ist ie Without a powerful, freedom-centric licence like the GPL, the world would look very different today ‘wn gnu orgficenses/agp. htm ‘Animportant fork ofthe GPL that deals with something were seeing more of apps running in our browsers. Bc Se ee eer ee havent included the MIT Licence here, endorse software based on it oi’ ee ee ees opularforopensouredeveopmentin Lowes andisothewicethesimels Mer aMaa erie) Pein rank teu akett Ag) GPLed software isthe best, we feel, but sometimes an LGPLed forthesimple reason that’s almost the youhavea popularpice of MT Licenced ICN Cette ® pee feat terete etree rey See eS eee er eet ee ee eer ree pene tee Pree eet ener e rns ee ee ee ear wn eet ee tes Oe eee ‘This licence has worked well for Pel and many ofits modules OCS MM | over the last few decades. Cree et ee eee i wwuilinuxvoice.com 55shop.linuxvoice.com EO Introducing 1 ‘Ge the magazine that: © Gives 50% of its profits back to Free Software @ Licenses its content CC-BY-SA within 9 months UK - Europe - US/Canada - ROW - DIGITAL UK SUBSCRIPTION Europe - US/Canada - ROW - Payment isin Pounds Stein, 12-month subseribers wll receive 12 issues of Linux Voice a year 7-month subscribers will ceive 7 issue of Linux Voice. f you are dissatisfied in any way you can write to us to cancel your subscription at subseriptions@linuxvotce.com and we will refund you forall unsiled issues, 56 wwuilinuxvoice.comNEXT MONTH IN LINUX EVEN MORE AWESOME! SASS Like theidea of CSS (and the attractive, consistent web layouts It produces) =F buthate the arbitrary fiddiness ofc? We have the tol for you and your website Media players Find the tools Free Software has to offer with which to depress yoursel watching Truy Madly Deeply and console yoursel listening to side 1 of Low Fosdem Mike Saunders braves waffles, beer and moules‘rites to report on Europe's biggest FLOSS gathering. Will he ‘come back in one piece? Find out! The hackers don’t stand still, and neither should you — learn their tricks to keep yourself safe online.eae ale. cy 7: Sparkling gems and new releases from the world of Free and Open Source Software Out benevolent editorial overlord Graham Morrison tears himself away y from updating Arch Linux to search for the best new free software. Circuit simulator Hardware designer ore of us than ever yout using, Theyre roughly Mien Soa tober around with electronics, programmers, wth automated ‘whether that building aD printer layoutand component ibraries for yourlocal hackspace or creating replacing syntax highlighting and your nm circuits for short AP eference material production runs. But unlike learning toprogram wheremstakescrea Better by design partoftheleaming process, the _KiGadis one of the most consequences for mistakes in comprehensive EAD suits weve Circuits can be more serous. found. its gat along history ~ the Circuit simulators (or Electronic inital release was in 1992 ~ and Design Automation suites) can help recent development has been vith this, not oniy by error checking partly funded by CERN, your designs, but by understanding _ its capable of serious resuts too, the properties ofthe components taking you from schematics design [Projet Overview Each projec contain as of diferent elements fromthe schematics oa Billo Materials ‘Bitrary You can instal atonal component bates tha ist capability and common pat numbers [i Schematics Designer Org and drop components and in them together to make ccs, the est them using the ERC ‘Router The push ad shove outer can make sue your connections are placed asefietas possibly {3.30 View Visualse your project, nid ll your components in lovely 30 OpenGL 9 Creu Diagrams Dropped ‘components fom the iary canbe connected to each eter, or impacted fom ether braies {Pca Caeulator Great for quik reference and for checking and calculating the values of ny components you need 58 ‘wor linuxvoice.com to PCB layout, and whileit wil struggle with large projects its more than capable of handing homegrown projects. Theres even a 30 viewer, which is perfect for studying other designs or visualsing your awn prototypes. ‘The only disadvantage is that these capabilities come with complexity, and tsa cificut suite to get started with, The schematic designers very powerful, for example, letting {you drag and drop components into your designs and change their values easily but you stil need a (good groundingin electronics for those circuits to make sense, even with the Electrical Rules Checker, which checks for logic erors ‘against cornponent and pin types. Even f you are a beginner, KiCad ‘sa worthwhile installation, and this being open source, many designers have shared their own schematics which can be altered relatively easily. Version 4.0 is a major update ‘and includes OpenGL accelerated Caro enabled rendering, new ibraries and the excellent 3D board ‘endering, which looks brillant on complex circuits, There's also CERN's interactive Push and Shove router, which has been pat of the alpha/beta since 2013, This is for advanced users, and way above our electronics ability but it promises ‘automatically ‘pushed track routing nen creating your own designs, hich at least looks really impressivein the YouTube videos explaining its function tprhicad-peb oraLatex editor Texmaker 4.5 ster bat omnes eingiorelie caqebecfsunnngresda ard tte eau tom evord pores: pateae dpe raporsneandafapabe cca when gor css Ideereng one dons Wine coe put wet tonnes an Vin tera sevcl get gta pleats trove ease th Toralerbagour cure inoute hd easy mole tansy ead ort domnara rayon nesaes ard dependences ard terete pevenswinihe ican ged onaeing Cigunboncutacet te takngsurthecommans neo Screen capture Spectacle here's been litle recent innovation n soreen capture tools. This might ‘seem a tie unfair considering their basic and utilitarian function, but ‘we fee there's sll plenty of potential for new features, especially as we typically take dazens of grabs a week Our screengrabber of choice, at least forthe KDE desktop, isthe Create New User to define a new adminstatac Tobin the process of maging compute head tolmage Management» Create New Image Use the fields in the form to describe the image. For example, lets assume vere creating an image of an OpenSUSE 4211 instalation that wel then use onal our ‘workstations. We can name the image Workstations/ Desktops’ and use the Operating System pulldown menu to specify the operating system of this image, thats Liux Finally select the corectaaklayout scheme from the image Type pulldown menu. Our (OpenSUSE instalation is ona single disk with mutile partion so well select the second option, S@sepegreseon Image Management ‘wor linuxvoice.comDRegister host and associate image Nowhead tothe computer with OpenSUSE 42.1 that you wish touse as the base image and boot it up Since the computeris set toboat from the network card ti isplay the PXE boot environment from the Fog server. Sorll down the Fog menu and select the ‘Quick Registration and inventory option, The Fog server wil nov scan the computer and adit oits repositry of know hosts ‘When ts done, power down the OpenSUSE computer and head back tothe Fog server Fee up the dashboard andhead to Host Management > List ll Hosts. You should now see the OpenSUSE machine liste here, which by defaultsidentfied by its MAC address. Clckon the ect con to change it to something more dential, ke OpenSUSE 42.1 Most importantly use the Host image pulldown menuand select the Werkstatons/Desktops option for the image you cated earlier G Register target machines Before you can deploy animage to another compute youneed to fist register it with the Fog server. The registration process the seme as before. Boot the new computer from the netwerk which should detect Fogs PXE environment. And when it does, select the ‘Quick Registration and Inventory option, (Once the computer has been added to Fags repository of known computers, login tothe Fag dashboard and head to Host Managernent > List All Hosts, Just lke before, click onthe edit icon corresponding othe newiy added machine and renameiitso that ts more identifiable, and associate the Workstations/Desktops image with this computer using the Host Image pulldown menu. Repeat the process to register allthe computers with the Fog'serer, then edit them inthe Fag dashboard togyethem aname and associate them wth the anproprateimage, Host Management ‘Gimage the host \Weire now all set to image the OpenSUSE instalation. Head to Task Management > List AllHosts, which wil list the recently added OpenSUSE 42.1 machine Under the Task section, click on the green uploed ow corespandig to this image. Fag wil ive you ‘mutigle options to schedule the upload task. You tinker with thesein the Future, but fr now its best 0 with the default option for instant deployment ‘Now head tothe OpenSUSE machine andboot itp tll again detect Fis PXE and automatically image the machine and upload ito the Fog server The process wil take some time depending on the size othe cikthas to image, the processing capabiltis ofthe computers involved and the speed af the local network The OpenSUSE compute will restart onceis dane uploading the mage. Thats al there's tit Repeat steps 2-4 to similarly image any ther computer onthe network n {© Deploy the image Now to replicate the OpenSUSE image onto the ather computes, head to Task Management > List All Hosts Browse thelist of host o find the entry for the computer to which you wish to deploy and hit the corresponding down arow Download image button Now head to ths workstation and power on. The computer's PKE environment will automaticaly detect the task rom the Fag server and begin copying the image fiom the server on tothe cal machine. When i's done, youll end up witha mir copy ofthe OpenSUSE 42.1 installation on this workstation Besides deployment tack, you can create various athe types of asks to check up onthe computer and its installation. Cick on the gear conto bring up a lst of several deployment options suchas Test Disk or Password Reset. Select one and then power onthe machine to automaticaly launch the task. ‘wor linuxvoice.com FOG BU iiVei Ns 67[NALS SQUID PROXY SQUID: CC — ee BRC NSN Shield your browser from the ravages of the web and use a proxy as protection. BEN EVERARD Ta bandwith cee) Peet roxy is something (or someone) that A performs an action on yourbehalf. In the case ofa eb proay such as Squid it fetches web ages for you Ifyou configure your browserto connect toa proxy rather than the internet tdoesrit dowload the pages drecty Instead itsends 2 message o the proxy indicating which pages are needed andthe preny gets them and sends ther to the webbrowser This may all sound very pointless, but by having a proxy between your browser and the web, you can fine-tune the way you comeet. Since many machines can sherea proy (it doesnt haveto be runing on thesame machine that uses youcan quickly configure the way your web connections work across arange of devices. Saudis the most popular proxy for Linux ands As many machines can share a proxy, you can configure the way your web connections work on several devices Configuring your proxy at 0S level mill ensue tat it gets picked up by al your software that connects to the internet available in most distros’ package managers in a package called equid or equid. Before jumping in and instaling Sud its worth thinking aitle about what machine you want to installt on. you only want touse aproxy ona single machine, you may as well justinstalliton that machine. However, as we said ‘wor linuxvoice.com before you get the best out of Squid when its shared between many computers. n order fortis to work, ‘you need tohave @ computer tats usually tumed on ‘and attached to yourlocal network If you've aleady ‘got ahome serve, thats the ideal machine to use as ‘8 Suid proxy Its realy easy to copy the coniguration ‘over from one machine to anothey, soi youre not sure, ou can justinstaliton yourmain machine to ‘ny itout and then change over toa cfferent machine loterif you find useful ‘Once you've installed Squid from your package manager, youll need to make sure the service is started. The method for this varies ail, but the following will work on most modem cistros: ‘sudo service squids restart ‘You can check thats running corecty by tying to.connect your web browser. In Firefox this isin Edit> Preferences > Advanced > Network > Settings. Select Manual Proxy Configuration and enter the HTTP Proxy as localhost (or wherever you installed Squc) and the Port as3128, Press OK to accept the settings f you Use Chrome of Chromium, youl have to st the proxy details atthe OS level. The method for ths differs, between distros and desktops, but should be possible inyour network settings app. If you can stl view web pages, then everythings ‘worked, You can also double-check that everythings ‘going through the proxy by looking in the access log, ‘You can do this wit ‘sudo tail varlog/squid/access log Distos other than Debian or Ubuntu may store the fog ina different place ‘Thats al there isto getting a web proxy nsnning ‘on Linux, However to really get the most our of your Proxy youneed to configure itto your needs, Getting personal “radtonaly the mast common use fora proxy has been to reduce the bandwith use, by sharing a ‘temporary store. fone person connected tothe proxy requests, or example, www inuxvoice.com, hen the proxy fetches ths from theintemet and passes ton. if a second person requests the same page the praxy aeady has the data for ths ste. soit doesit nee to request rom the website again itjust passes it sttaight rom the proxy cache othe second persorisweb browser. The advantage of this varies alot depending on who's using the web connection. If youre managing a corporate or school network, there's a good chance that you could save quite abit ‘of bandwidth. If youre managing a home network for just one or two people then the benefits are ikely tobe less, but itcan stil be worth doing especially fis not as fast a connection as youd lke By default, Squid wll only proxy flesin 256M of ‘memory. Ths isn't very much, soit prabably won't have a noticsableeffect on your web brovrsing, There are two options to inerease it you can increase the ‘amount of memary available or you can configure ‘Squid to use the hard drive for the cache. Both of ‘these are configutedin the squid.cont fie, which is usually found in fete/squid3, ‘To make more memory availabe (for example, 1168), open this config fle with your favourte text eeitor such as with ‘sudo nano feteequida/equidcont and find the line ‘ cache_mem 256 MB “The hash atthe start of the line means that its ‘commented out; however this s also the default ‘amount, so deleting the hash won'timmesiately change anything. Instead, change theline togivea diferent amount of memary tothe prexy such as: ‘cache mem 1024 MB “To change the disk caching find the line that starts, with: eache.dir “The options on this configuration line allow for very fine tuned control over the cache. The first argurrent is the storage method to use. There are several ‘options that each have cifferent payoffsin terms of space efficiency and time efficiency and other aspects, but unless youre running a really high-traffic proxy, the default of usf (Uno File System) should work fine, “The second argument is the location of the cache. Iwill bea directory structure rather than just a single file, and the default location isin varf spool, though “anywhere to which the Squid user has write access is fine, Following this are the arguments for UFS, ‘These are three numbers the frst of whichis of mostinterest tous, as is the total amount af space that Squic'can use on the disk. The second number is the number of subdirectories that can bein the cache foot, and the third number is the number of subdirectories allowed inside the frst set. The defaults for these two are fine for most uses. To create a 1B disk cache, change the line to the folowing ‘ache. ir ufs var/spool/squid3 1024 16 256, ‘Onoe youve saved your changes, you ust need to ‘ell Squid to reload the configuration Fie with ‘sudo aquid2 -k reconfigure ‘Advertising provides a good way for awebstte ‘make a tle money to cover the cast of hosting the site, Popular websites can also earn enough to pay SQUID PROXY ‘Configure Proxies to Access the internat Fierce auto detec prony settings for this nebwork © usesystem proxy settings @ Manual proxy configuration urteprony (locos J port [3128 3 Tse this proxy server or allprotocols localhost Past: | Port: | Port: { OS0cKS v4 @ SOCKS ¥S [Remote DNS No Proxy for: Tocalhost, 127.001 SSLProxy, ETPProxy, SOCKS Host: Example: mozilla.org, .net.nz, 192.168.1.0/24 (© Automatic proxy configuration URL: (1 bonot prompt For authenticationif passwordis saved Helo) ont | peopletocesteconen, son this regard tyre TRE or conuatin someting rat we ll beet fom However hugh Teeth TE and RVeemienerenamnenceen Ee invasive advertising, where adverts biocked large Portions ofthe site and aggressively tracked people tn the stein an attempt to squeeze pennies out of them, The results that now a sizeable proportion of bandwicth and CPU power is spent on rendering ‘adverts that the viewer didnt want nthe fist place. ‘Admonish ads ‘There are already a number of options for blocking adverts ncluding web browser plugins; however, ‘many of these plugins are themselves nefariousty tracking users and feeding this data back to the advertisers. f yourun a network ether at home or werk you probably also have a number af devices — and woukintit be much easier if all of them could have their adverts blocked at a central point? if you do itwith your proxy, every machine that connects through the proxy automatically has adverts removed. ‘Squid uses Access Control Lists (ACL) to decide hich traffic tole through and which to block, so 10 block adverts, we just need an ACL that will identify which bits of waffic are adverts and biock these, Inweb access lingo, this is termed a blacklist. The opposite ofa blacklist isa whitelist, which contains details of traffic that we do want to let through. Blackists are available online both for free and ‘commercially,and which ones right for you wll ‘wor linuxvoice.com 69SQUID PROXY By default, users visiting blocked sites wil be ‘served an error page, ‘This is configurable in squid. conf depend on what level of blocking you need. youre blocking adverts (ike we are here), a fee blacklist is probably sufficient, since its nat a problem ifthe ‘occasional advert slips through. If you find yourself relying on Squid to enforce network policies, then its ‘worth investigating further options. \Well use the blackiist from http://pgL yoyo org/as/. Its quite comprehensive and uses regular expressions tokeep upto date with changing subdomains Youll need to select the type as ‘Squid ~ As Squid Dstdom_regex Fe’ tck the View List option as Pain You may want to block Facebook during weekdays, and only allow access in the evening and at weekends 70 “Text and then press Go. This will open the fle in your browser, so save to your hard drive with the name advertdomains You can configure Squid to look anywhere you tke for tis file, ut in the interests of keeping everything Contained, its best to place it inthe Squid config directory, 0 copy it and change the owner of the fle tothe Squid user with ‘sudo ep advertdomains /et/squids/advertdomains sudo chown proxy /ete/squid®/advertdomains This should work on Uountu- and Debian-based systems If youre on a different distro, yournay need to.change the location of the config directory and the username of the Squid user. Check your distros documentation if you have issues with this. "Now you need to open squidL.conf in your favourite texteditor and add the lines toload and act on the blacklist: acl ad-domains dstdom_regex"ete/squid3/ advertdomains" bttp_access deny ad-domains ‘The irstline creates an access contol ist called ‘wor linuxvoice.com ‘ad-domains ofthe type dstdom_egex and loads the data fom the fle fete/squid3/advertsdomains. The quote marks around the file name are important, because without them, Squid wil attempt to interpret the file location rather than the fle contents as the blacklist data. The second line creates a ule for http. access, Ifyou wanted to create a whitelist rather than blacklist you could use allow rather than deny. Once youve saved those changes, you can reload the Squid configuration using: ‘sudo squid3 -K reconfigre Now adverts should be blocked on all browsers that are routing through the proxy ‘Access denied ‘urabove method of blocking acverts was easy to set up because we had a ready-made blackist in the Tight format. However if you want to block other categories of content, you wont always find blacklists in formats that Squid can understand, Fortunately Linux gives us plenty of text processing too's that we can use to transform everything we need intos foxmat that Squid can work with, There's a great set of lacklsts put together by Shalla Secure Services are available at ‘www.shallalistde, This website has a download link that will grb a tarball you can extract to get blackists fora range of cifferent categories of material In each subfolder of the main BL folder, youll find a domains. ‘ext file containing one domain per line of content that should be avoided in tis category. There are two problems with this. First, quid won't automatically ‘exclude subdomains unless the domain is preceded with a dot and second, Squid wil throw an enor if the listincludes both a subdomain and a higher domain preceded by a dot. we want to use the Shallalist, we need to remedy these two problems. Open a terminal and navigate tothe subfolder you want to ban Toadd aleading dot toll the ines, use the following command, which matches the startof a line ‘character (4) and inserts a dot ‘cat domains | sed's//'sdomainsquid ‘Solving the second problem is atte trickier We ‘need to remove any ines that are subdomains of domains that are included in the fle, The fist task ‘Sarg (Squid Analysis Report Generator will parse your ‘Squid logfile to create a report to help you understand how your internet connection is used.SQUID PROXY BUUUOi/ SEI As here is to make gure thatthe fe is sorted so that al the subdomains are listed underneath the original domains. Anotmal sort wont help us here, because the subdomains areon the left af the demain, and sort organises a Ist using the letmost character. The easiest way around this i just to reverse each ine before the sor, and then reverse again atthe end. We ‘can do this using the rev command. Once this is done, ‘we can use awk to match the demain against the ‘same number of characters on the line below. fhe ‘womatch then the second ine isa subdomain ofthe first ine and it shouldnt be output. Altogether this is done with the folowing command: ev domainequid|sort| awk 'NRI=I&daubsti(600Jength p))==pinext}(p=$0""prin}|ev > newdomainsquid ‘Thislistis a datdomain type in Squid, 0 youneed to ‘add the falowing ines to your squid. conf. acl blocksites dstdomain ‘/ete/squids/newdomainequid” Intp_access deny blocksites ‘When you reload the Squid configuration, this will blockall the dornains listed in newdomainsquid. Vorcatacummyatoeietnree: —vtkheatkyoiderniihsteswetates — pepidenttie Uepaisclysigeeshetenadfectrane eaonbeteaidycrinoftewest ror amen dele | (esate reranerer) caekjuromereiclicroaca| | | caeeeenttn. wcedabgwedconanientovecaosn — eimean ucts Fine tuning the evening and at weekends. You could da this by _evenif you've broken your RecsstmtclLsterblerorenarcadconl aking cng yer acne ihetoeaee tonargydoagatecng neater ASS eM Useful altematives's the use of time-based controls, el facebookdomain dstdomain facebook com Ec Rosca SE ‘tases any acaba eee “Te first ine defines an ACL wth the time ype, anc (phe ahh te ha this takes two arguments The frst arguments the Lea ERGO RRM ict of days tomatch on (hiss the fratieter ofthe the network to be on). Obviously, when choosing a machine day, except for Thursday, which is a H, and Saturday, eee meee MRSA ich san A). The second arguments thetme a oud (uch as aspen period to alow mv ‘The first http_aecess line combines two ACLs and ‘router firmware doesn't come with this option, but if your only lets @ web request through ifit matches both of ee neers te ACLs. We also need the final ine to deny other CREM IMEE cequesis otis domain. inthis example we've just Ce Leary sed a single domain, but exactly the same approach PIETERS RRRER coud De used wth on ofthe domain Iss fom Shaka er rPnenrRneriRM | (oreraroe)blckall eb chat at xan times fibelreiottitayreineri rate Sits Ip.access docs awa way of combining ADL so that acces is granted ether one the ther AC. s atchednstead hs con ‘be done by creating a http_aecess allow line for each allowable combination of ACLs folowed bya http_access deny line. Facebook is served over HTTPS, so narerfor tis bloto wor youhave ‘tomake sure that your browser is configured to Sencencyoted pages tote rb 2 We 35 cnenerypted ones. nef ths seetinthe proxy cenfigratien pge on the SS- ne nNUON) EDUCATION BUILD A GAME WITH GPIO ZERO AND SCRATCH Remember Operation? Of course you do — now make your own! hardware project in this case @ homemade “Operation” garne where we have to save the robot. We have three lives andif we touch the metal of the robot we lose a if, whichis indicated by one of three LEDS turning off and the buzzer sounding, This project uses 2 simple method of input: the surgery tools tumed on with eurent, and when we touch the foil around the robot, we connect to Ground, causing the tool to tur of, triggering the cade to execute. LES POUNDER Pesscincrs. TE ees ener Seed ais To code tis project welluse two methods, ea cone aimed ata ferent level of user. For example, Toots RenomeD Begimers a am to hack wh Seth whens *ARsspbety Phung mere competent coders can use the new GPIO Zo release Python lary, which removes alt ofthe hassle of 3x1 Using the old APiGPIO Python brary. 32200 resistors The circuit diagram fortis project along with the +Nle-ferale jumper fullcode listings and other images, canbe found cables ia Our GitHub repository at https://github.comy =Nale-malejumper cables esp/1V24-Dr-Robot or you can download a Zip fle = Abuzzer Containing al ofthe project fies fom https/thub. oe com/lesp/LV24-Dr-Robot/archive/master.zip. + Masking Tape + Ari Foi PROJECT 1 - SCRATCH Wire YoulIfind Soratch in the Programming menu of the ia latest version of Raspbian (Jessie). To start coding we “Aten mueedan hl use locks fom tel fhe srean and ag ther into the centre coding area. We start with a hat block: inthe Control palette, Look for ‘When Green Flag Clicked" and drag it into the coding area. Silin he Control palette look for ‘broadcast’ were going to create seven broadcast blocks, each used to configure the GPIO. ur frst tums on the GPIO server a script behind Beginners can learn with Scratch, while more competent hackers can use the new GPIO Zero Python library the scenes that enables Scratch to talk to the GPIO, \We are next going to create four configurations for (GPIO pins numbered 17,27,22 and 10, tuming them into outauts, We configure GPIO9 tobe an input for ‘our surgery tod), before finally we create a broadcast 72 ‘wor linuxvoice.com Our finished project isa mix of arts materials, electronics and aluminium fol eruits and uses many different skills ‘across the curriculum, totum on three LEDs ~ mere on that later So you should have When Green Flag Clicked ‘broadcast gpioserveron, broadcast configi7out broadcast config2Tout ‘broadcast config220ut Droadcast configioout Droadeast confgdin Droadeaet SLED Now lets createa new section of cade. Grab another When Green Flag Clicked block from the Control palette, then a Forever loop and attach itto the Green Flag biock In the Control palette you wil Repeat 10 ~ drag it inside the Forever loop and ange 100 2, as were going to sound the buzzer attached to GPIO 10 twice for half second intervals, add the folowing blocks. broadcast gpioldon_ ‘waito5 secs ‘broadcast gpiolOoff Now we come out ofthe Repeat 2 loop, but stil inside the Forever loop. Drag a Repeat Until loop from the Control palette so that itis under the Repeat 2 loop, and inside the Forever loop, We now need to create a variable, sa goto the Variables palette and create a variable forall sprites called Lives. Once it created, drag the Lives block tothe coding area and putt soriewhere safe, Now frorn the Operatorspalette drag the LA. = block and place inside the blank space atthe top ofthe Repeat Unt block In the righthand blank space of LAL = UL type the ‘number zero and inthe lft drag the Lives variable {and dopitinsde. Now any code inside this section vill run until the user uns out of ves. Wennext need o drag an Ifblack placing itinside the Repeat Unti black We also need another AL = inthe blank space of theif block Add a zero (0) totherighthand side of the A= block Forthe lefthand side we need to read the state of our surgery ‘00, which willbe 1 (on) or when touching the foil 0 (off). This block willbe in Sensing, but first we need toactivate our code to register the GPIO pins, so cick ‘onthe Green Flag in the top ight of your soreen. Now return to Sensing and look forthe Sider Sensor Value block Clckon the drop-down and youll see GPIO9 Change the block to GPIO9 and crag itinto the left blankofAL = UL, Inside ths f condition well create another Repeat loop, this time for three iterations. Each time it wl tun ‘on GPIO 10, wait for 0.2 seconds, and then turit off before waiting and repeating the sequence Breaking out ofthe Repeat 3 oop bur stil inside the If condition we now need to change the value of the Lives variable by-1. Inthe Variables palette you vill see ‘change ives by 1° ~ drag itunder the repeat 3 and change the valve to-1. Now drag a “Say for 2 ‘sees blook from the Looks palette and use it to tell the player they have lost aie Under the Say block we now place an if condition that will compare the value of ves against an integer, ‘weil need the LX. = LX block from Operators and the Lives variable, which goes inthe lft LL = (fn the right-hand side, type"2). Inside the Ifconditon ‘we willcreate anew broadcast block called 2.60, Repeat these steps for ILED and OLED Place each if ‘canton under one another. ‘We now break out of the Repeat Unt Lives oop ‘but stayin the Forever oop. We drag another ‘Say Crt ee ee eed Peer ee ie Se ae eee] ner ene eos ‘could design the tein of Mars; and in computing they aco) Sera tee eee eet Sante) ens er na rd eee eee eter) ce eee ee oe om ees) creer eee ees poeta eer es EDUCATION Our project is a rather simple crouit that sits inside an Ad document holder, witha lovely picture ‘of arobot stuck uponit. for 2 secs" and use that to say Gare Over, weet change the Lives variable so that we have 3 lives. Lastly we create a broadcast LED" Remember all those OLED, 1LED broadcasts that we created eater? Now we'e going to create ‘sequences of code that respond to those broadcasts, Inthe Centro palette lock forthe ‘When | receive hat block. Drag itto the coding area and change ito LED, then underneath the block add three broadcasts and edit them as follows, ‘broadcast gpiot7on ‘broadcast gpio27an ‘broadcast gpi220n This tums every LED on; to turn an LED off we simply ‘swap the on for off Now repeat this structure for 2LED, 1LED and OLED, remember to be consistent in which LED are turned off So that, save your work and click onthe Green flag to play the game. PROJECT 2 - GPIO ZERO We covered GPIO Zera in LV23, and since then ithas, been included as standard in the latest version of Raspbian, so no installation is required. For those Using an older version, please refer to https:// pythonhosted.org/gpiozero/ install or installation instructions From the Programming menu open the Python 3 » Idle agpication. Youll see @ Python shell open, cick ion File > New Window to open a new project window. Before you progress, save the blank document as Dr-Robot-GPIO-Zero.py anit remember to save your work regulary \We start the project by importing three classes from the GPIO Zero library handling the LEDs, the buzzer and our surgery tool, ihich is classed as an input (button) We also impor the time library o control our game pace, from gpiozero import LED from gpiozero import Button from gpiozero import Buzzer Import time Next we create five variables that wil each store the GPIO pinused forthe LEDs, buzzer and surgery tool ‘wor linuxvoice.com 73EDUCATION Teeraharaneroehratnoge Programming the project with the latest version of Seratchis an excellent introduction to coding for beginners, 4 ‘We cal the relevant class LED, Buzzer and Button, and pass the class the GPIO pin as an argument lifel=LEDGT) lifea = LED(27) life3 = LED(22) buzzer = Buszer(10) tool = Button(s) Now we create a function to handle turning an ‘multiple LEDS to represent the number of lives we hhave left. The function is passed an argument, boeing the number of ives we have, Then an if. lif concitional statement is used, the numberof ives passed as an argument is campared to hard-coded values, and the correct number of LEDs ae it def life_counter(ives): iflives ==: 1ifeton)) tifezon0 life3.on0 citlives == 1iferon)) 1ife2on9 1ifes.0f10 ifexon)) 1ifer off) ites. off) lftives == 0 lifer ifexotf) lifes off) Next we create anather vanable to store thenumber flies, in this case three, We then use the variable as {an argument and call the function that we have just created. ‘wor linuxvoice.com lives=3 1ife_counterives) ‘So naw we move into the logic that for our ‘game. We start by using an infinite loop, while Tue, which will constantly run the code. We introduce a 0.07 second delay to reduce the hiton the CPU and ‘ensure that our code runs smooth, while True: time sleep(@.01) Siilinside the infinite loop we now create a for loop, loop that will iterate a set number of times. In this for loop we shalinstruct the buzzer to sound, indicating thatthe game is ready to be played, We tun ‘on the buzzer, then create a 05 second delay before ‘tumingit off followed by another detay, foriim range}: ‘burzeron() time sieep(05) Between the robot picture and plastic case we have ‘aluminium foil connected to the Ground of ou i “Touching the fli hazardous tothe robots healthDuzzecoff) time cleep(05) \Wenow come out of the forloop and create a new loop inside the infinite loop. Here we usea ‘while the number of ves is greater than zero loop. We evaluate the value ofthe lives variable each time and check thatitis greater than 0; ifthati the case, the loop repeats, We also introduce a delay to pace our code, while Hives > 0: time sieep(0.01) Inside the while lives » 0 oop we create a concition tocheck against this ime we are checking to see if ‘the surgeon has touched the aluminium foil triggering loss of life. When the fllis touched, the GPIO pin attached to the surgery tool goes from on to off (True tose, 1100) and this is @ change of state used to indicate an error iftookis_pressed: So ifthe surgeon makes a mistake and touches the metal the tooLis_pressed condition is tue and we Create afor oop that willbeep the buzzer three times in quick succession fori in range3) Dburzerond time slee(02) burzerott) time siep(02) Breaking out ofthe for loop we next create a delay before printing that the userhaslostaife. We adjust the lives variable and one life from ts current value. Finally we call the life counter function and pass it the number olives thatthe player has let time seep(01) rint(You ost life’) ‘breadboard isan ideal place to build your project. You can quickly test and take apart your project forthe ‘optimum layout EDUCATION More foils used foreach hole, to create a single Circut foreach hole, Each circuit connects toa ‘Ground pin on your Pi, but you could lnk al the holes together and use just one ‘Ground pin, Inur final section of cade we break out off tool is_pressed condition and return to the infinite loop. \We now have @ condition that will activate when the ser has no lives left. f that’s true, the text Game Over is printed tothe screen. A three second delay takes place before we change the lives variable restoring the three ives thatthe player rece’ves; this is then indicated by luminating the LEDS, iftives = 0: print('Game Over") time sleep(3) livess3 life_countertives) Ensure that your code is saved and when ready click on Run > Run Module to start the game. What have we learned? For this issue we highighted how one hardware project can be coded using two different methods. Seratch is great at illustrating how the sequence of ‘code works as it is very visual with the design of blocks and loops, and GPIO Zero enables anyone to dlp their toe into hardware hacking with Python, which is great for children who want immeciate results from thee projects. Coding is great activity but we should not remain tied to just one language. Once you understand the logie of programming then this knowledge can be transferred to other languages such as Ruby, Perl or JavaScript and ths s key skill for children to grasp in the new Computing curriculum, i ‘wor linuxvoice.com 15NUON) MARIA DB MARIA DB: LEARN THE POWER OF DA How to live happy with MariaDB, and reuse its data in ways you didn't know existed. MARCO FIORETTI TR een earner coronary Sanh erg ert Soot per Sort Pere Sets dynamic website, youre using a database, And the more you go on, the more likely itis that you will have to recover those databases from some disaster, or process them in ways that are not possible using only database software, ‘database is an archive of data, structured in tables and stored in low-level binary containers, I'you could look inside a database, each of ts tables would resemble spreadsheet, with data ofthe same kind in their separate colurnns, and different data about the ‘same entity (n database lingo: entry, oF record) alin the same row. The ‘Customers’ table of a shop database, for example, may have columns like “Customer code’, ‘Customer name" and"Unpaid ‘orders and each row (ach record), would describe Cone different customer. database is what's known as relational when you can define and use precise relationships among its tables, and the software that manages ths is called an RDBMS (Relational DataBase Management System). A.column that uniquely identifies each recordina table ofa relational databases called its primary key, Relations between tables can be enforced by defining some colurnns of one table a foreign keys in another. Inthe shop database [= se any Linux desktop, or have any kind of A database is an archive of data, structured in tables and stored in low-level binary containers ‘above, this would ensure that you cannot enter, in the "Orders' table anew order from a customer who does not already exist inthe "Customs table. The standard way to work with relational databases is via commands in an ad hoc Structured Query Language, or SOL for short. You may issue those ‘commands indirectly through a graphical terface, or indicates the Linux prompt &is the MaraB one. Most Mariab8 ‘output was also removed for brevity) ‘> mysal BLUSE Mya {4 CREATE DATABASE testa; ‘&CREATE USER linuxvoice/@ localhost IDENTIFIED BY PASSWORD testpn {LGRANT ALL ON testdb TO tinuxvoice localhost; ‘2 FLUSH PRIVILEGES, “The first line lunches the MaraD8 client. Depending on your Mariab8 default settings, you may have to run it as root, whenever you want to create or delete databases or users, Reriember that MariaOB users only exist inside ManaD8, but have nothing todo with ordinary Linux accounts, including the administrator one which kein Linux, is called ‘root ‘The fve commands above are what you should type atthe Maria prompt in order to: {Go into the ‘main’ database of your instalation, which stores metadata about all the others Create a new database called testdb. [Ac a MariaDB user called liuxwoice with assoc testpw. {G.Grant that same user al privileges on al the tables in the testdb database. You can create as many databases and users a8 you want, and then restrict what each user can see or do, with the ight ootions to the GRANT command 1B Tell the ariaDB server to flush the old privileges configuration, to load the new one Once you have created a database, you can lo in to MariaD8 as a noxal user type the corresponding password and start creating tables, which you may ‘hen fill ith data “ mysgl-ulinuxwice -p ‘RUSE tect |LCREATE TABLE friends ( °F-1D" init) NOT NULL AUTO_INCREMENT, “Birthdate’ date NOT NULL DEFAULT 0000-00-00, DE Cy Dern, eee rea nr ee ee ees eer ee eae ere ett eens se identical Se eet Peet Re ae oi re eet re ae a possible to talk toa Mari erver fom the MSL cet ee ead ee eee Coenen nen LUNES TUTORIAL LV 322 O1/12/10Un aetacouateae qu he succede tt stop2ons-mneth 103 09/03/1000eCan 2010: OOF sept ae OOF fut /fnforetcorv20! (08/04/100penote org Conerence 2010: preperntfreesoftware zon (05/09/10Ft formats fo but nd preserving D> nforettcom20! [08/11/1005 fermats, ota ans ervees ts mpts/2010/08/epe-Areat (05/21/10Payg attention when ahd of hacker tp//stop.zon- met 110/01/100pa ata, Open Soc tthe Open Wo tp nore com 20 10/04/20Ceate CpesOacamane woke ard tve Mp retour 208 ‘810 10/07/10cemune anh cerietes fr srt PD /809 On me 4312, 10/10/100wersty. Freedom na Eaucation atte Chtpdtep zone me 112 10/10/10 F ry doy doa be LONIO/IO! stepson B13, 10/10/106enrate Opedocoment sprancsbeet fee reson 208 You can browse and edit MariaDB tables with LibreOfice as in this ‘sereenshot, but only raw ‘place’ enum work'fhigh school, ‘college neighborhood) DEFAULT ‘neighborhood’, "paame’ varchar(255) DEPAULT NULL, “adress” varehar(265) DEFAULT NULL, ‘SOL and the other methods = described here can process These commands create table inside testdb called them automatically. fiends, along with its frst fve columns, each with a aifferent meaning and a matching (MariaD8 data type: unique numeric identifie, a date in YYVY-MM-DD format, 2 predefined set of text constants and finally two stings, to hold each friends name and address. As above, this is an incomplete snippet of code, only meant to show the ook and feel of MariaDB, coo Pee ety TRS hed earner ree) ee ee prereceTts Playing with records ifthe fiends table above only had those five colurins, you could add friend named Fred tke this ‘EINSERT INTO friends VALUES(ULL, 1980-02-25, ‘college’, Fred Smith’, ‘Oxford Street, 21°), where the NULL value tls MariaDAto increment and set the numeriodentfiritself. Now unpose Fred moves house? No problem. Assuming that Marao gave Fred § as FID valve, ust update Freds reco: {UPDATE friends set adress ='Cambrige Set, S40 WHERE FID «5, Should you and Fred cease tobe fiends, youmay (oor eet eee? Scot errr Se a opr nern ene en etd eer eee Seen! eee ee eer err eee eter ren et nee ee ioe eres ee ees ee ee ee Dee toy ‘wor linuxvoice.com 7LV TUTORIAL BUEN 3 Your custom script, andoreommands MariaDB, database Possible destinations Y , SOLINSERT HTML pages GNUPLOT csvtestfies for Twitter tet commands to fordyamicGrophs! spreadsheets Conard orsles in COTHERDBs — Webstes Ue cints OpenDocument ‘ormat, remove him from your table From graphs to web pages, Menuovioow the bases, SDELETEFROM frends WHERE P-ID=5; OFSOLand septing is Tolistthename and addresses of all your fiends easy to transform MariaDB who are more than 25 years old sorted by street, ou database, or their textual backups, nto almost everything. Cod Peer corer Pree an ‘could ask MariaDB to: {&SELECT address as A, name as NFROM friends ‘WHERE Birthdate <= 1990-01-0r' ORDER by adress; |/Cambridge Street, 540 [Fred Smith | \1Cambridge Street, 601| Joan Walters | Oxford Street, 34 | Nick Williams | The WHERE clause is essential Without it, Mania0B would display, delete or alter every record ofthe selected table! AllSQL statements share the same basic structure shown above: you first define which columns you want to see, how to format each field if necessary, and from which tables) ManaDB should (et them. To see only the records that match certain Conditions, describe all of them in the WHERE clause. The real power of SOL: jining tables “The SQL JOIN operator places two oF more ables of database side by side to reate one temporary, virtual tbl that you may fter and capay as iit ‘were anormal one These examnpes introduce three common ypes of JIN {ESELECT* FROM frends INNER JOIN hobbies ON friends name ~ hobbies frind_name WHERE hobbies. present_hobbies like “chockey®; {ESELECT* FROM friends LEFT JOIN hobs ON frends ame = hobbies friend namename; {ESELECT* FROM frends FIGHT JOIN hobbies ON frendasame = bobbie fiend. name; ‘wor linuxvoice.com ‘Allcommands concatenate rowsin such a way that a {fiends row witha certain value goes side by sce with ‘the row from hobbies which fiend_name has that same value. What changes from one JOIN example to the other and remember these ae just tree ofthe available vaiants)is which rows are considered and how hols"in the temporary table ae filed “The temporary table created by the INNER JOIN ‘concatenates only the rows of friends a hobbies ‘hata have the same valve inthe name and fiend ‘name feds (without the ON clause, youd gt every row of friends concatenated to every row of hobbies) ‘and b)alistof present hobbies tha includes the string hockey The second command produces a table that has llth rows from te table onthe left ofthe JOIN keyword (thats friends) each concatenated with {© The row with the sare fiend_name, such aw exists {© AoW with sore oral elds set to NULL otherwise ‘The RIGHT JOIN does the seme ting just reversing the tables Now, before moving tothe next part, et’lean the most important things, thats how to back up your MariaD8 databace with mysaldump. Typing this in a Linux shel ‘mysqldump 1 linwcvaie -p ~extended insertealse ‘tiends> fiends backup sal ‘would save ll the SQL instructions torebuld from, scratch al the content of your fiends database nthe text fe fiends-backup. sql when loaded from the Marad® promt Why bother with allthis? “There ae lots of programming languages with ‘MariaDB/MySQ\ interfaces, Raw SOL commands are Plain text strings, and the whole content of a MariaDB ‘database can be dumped into one fl, as a sequence (of pian text commands, each with a well defined structure, Taking all that into account, its easy to realise that creaton, recovery and reuse of MaraSOL ‘databases, are much easier than you may suspect. Because the commands are plain text, we dorit need to use SQL to manipulate them; we could, for ‘example, dump the whole content ofthe database, or ‘ofa single table, nto a fat text fe, one record per line, ‘whith MySqldump. At that point it willbe easy to cut, slice, combine, ater and reformat that text with tools, lke sed, awk or grep, inside shell scripts “The other method consists of querying the database from inside a script using the MariaDB/ ‘My8Q¢ libraries forthe chosen language, and playing withthe results. Listing 1 shows some lines of Per! that detect, format and display, more flexibly than SQL ‘could do, the duplicate entries in a budget database: Listing 1 1 use DBI;2 use DED-MySal; 4. my Sdatabase = "budget 5 amy Shost 6 my Sport 7 my $user 8 my$pw 9 mySaen 3306; 10 my$DB__ = DBI->connect(sdsn, Suse, Sp); 12 my Squery = qq-selectb.dateb. item, b, ‘amount, bid from budget list where b. date = '2006-01- 01 order by b_date~; 13 my Squery_handle $D8-»prepare(Squery), 14 Squery-handle->enecuteQ; 15 Squery_handle->bind_columns(\Sb date, \8b item, \So_amount,\$b id; AT while(Squery_handle->feteh){ 19 if(SDOUBLE_ITEMS('Sb_date'Sb_amount?) feriste) ea 20. print SDOUBLE_ITEMS('Sb.datesso_ amount’yvalue), 21 printf” 1010s :%-40.408 824 Ba", 2 ‘b_date $b. item, $b_amount, $b i; 23 pelse( 24 SDOUBLE_ITEMS(‘Sb_date(Sb_amount’) existe) =; 25 SDOUBLE_ITEMS('Sb_dateiSb_amount’) ‘value= 26 sprintf"ORIG: $1005 :%-40.405 %8.2f ow, 27 Sb.date, $b item, $b_amount, $b id; a) =) ‘Thefirst ten 10 of Listing 1 show one way to load Perl modules that tak o Maria initiaisng all the necessary variables and using them to connect toa database called budget. The next four statements prepare a query execute it and bind the columns it returns to Perl variables with the same names. In line 17, the seript loops through each row returned by the {query Ifthe DOUBLE ITEMS array already contains ‘an entry with the same combination of date and ‘amount, both that and the current record are printed, as possible dupiicates. Otherwise, the current record is reformatted, and inserted into XDOUBLE_ITEMS. With the same base technique youmay quickly ‘rite code (in Per! or many other languages!) that, in the same run, connects to different MariaDe

Вам также может понравиться

• Grit: The Power of Passion and Perseverance

  

  От Everand

  Grit: The Power of Passion and Perseverance

  Angela Duckworth

  Рейтинг: 4 из 5 звезд

  4/5 (588)
• The Yellow House: A Memoir (2019 National Book Award Winner)

  

  От Everand

  The Yellow House: A Memoir (2019 National Book Award Winner)

  Sarah M. Broom

  Рейтинг: 4 из 5 звезд

  4/5 (98)
• The Subtle Art of Not Giving a F*ck: A Counterintuitive Approach to Living a Good Life

  

  От Everand

  The Subtle Art of Not Giving a F*ck: A Counterintuitive Approach to Living a Good Life

  Mark Manson

  Рейтинг: 4 из 5 звезд

  4/5 (5795)
• • Журналы
  • Подкасты
  • Нотное издание
• Never Split the Difference: Negotiating As If Your Life Depended On It

  

  От Everand

  Never Split the Difference: Negotiating As If Your Life Depended On It

  Chris Voss

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (838)
• Hidden Figures: The American Dream and the Untold Story of the Black Women Mathematicians Who Helped Win the Space Race

  

  От Everand

  Hidden Figures: The American Dream and the Untold Story of the Black Women Mathematicians Who Helped Win the Space Race

  Margot Lee Shetterly

  Рейтинг: 4 из 5 звезд

  4/5 (895)
• The Hard Thing About Hard Things: Building a Business When There Are No Easy Answers

  

  От Everand

  The Hard Thing About Hard Things: Building a Business When There Are No Easy Answers

  Ben Horowitz

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (345)
• Shoe Dog: A Memoir by the Creator of Nike

  

  От Everand

  Shoe Dog: A Memoir by the Creator of Nike

  Phil Knight

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (537)
• Yes Please

  

  От Everand

  Yes Please

  Amy Poehler

  Рейтинг: 4 из 5 звезд

  4/5 (1891)
• The Little Book of Hygge: Danish Secrets to Happy Living

  

  От Everand

  The Little Book of Hygge: Danish Secrets to Happy Living

  Meik Wiking

  Рейтинг: 3.5 из 5 звезд

  3.5/5 (400)
• Elon Musk: Tesla, SpaceX, and the Quest for a Fantastic Future

  

  От Everand

  Elon Musk: Tesla, SpaceX, and the Quest for a Fantastic Future

  Ashlee Vance

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (474)
• A Heartbreaking Work Of Staggering Genius: A Memoir Based on a True Story

  

  От Everand

  A Heartbreaking Work Of Staggering Genius: A Memoir Based on a True Story

  Dave Eggers

  Рейтинг: 3.5 из 5 звезд

  3.5/5 (231)
• On Fire: The (Burning) Case for a Green New Deal

  

  От Everand

  On Fire: The (Burning) Case for a Green New Deal

  Naomi Klein

  Рейтинг: 4 из 5 звезд

  4/5 (74)
• The Emperor of All Maladies: A Biography of Cancer

  

  От Everand

  The Emperor of All Maladies: A Biography of Cancer

  Siddhartha Mukherjee

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (271)
• Angela's Ashes: A Memoir

  

  От Everand

  Angela's Ashes: A Memoir

  Frank McCourt

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (440)
• Bad Feminist: Essays

  

  От Everand

  Bad Feminist: Essays

  Roxane Gay

  Рейтинг: 4 из 5 звезд

  4/5 (1016)
• Devil in the Grove: Thurgood Marshall, the Groveland Boys, and the Dawn of a New America

  

  От Everand

  Devil in the Grove: Thurgood Marshall, the Groveland Boys, and the Dawn of a New America

  Gilbert King

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (266)
• The Unwinding: An Inner History of the New America

  

  От Everand

  The Unwinding: An Inner History of the New America

  George Packer

  Рейтинг: 4 из 5 звезд

  4/5 (45)
• Team of Rivals: The Political Genius of Abraham Lincoln

  

  От Everand

  Team of Rivals: The Political Genius of Abraham Lincoln

  Doris Kearns Goodwin

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (234)
• Principles: Life and Work

  

  От Everand

  Principles: Life and Work

  Ray Dalio

  Рейтинг: 4 из 5 звезд

  4/5 (599)
• Fear: Trump in the White House

  

  От Everand

  Fear: Trump in the White House

  Bob Woodward

  Рейтинг: 3.5 из 5 звезд

  3.5/5 (738)
• The World Is Flat 3.0: A Brief History of the Twenty-first Century

  

  От Everand

  The World Is Flat 3.0: A Brief History of the Twenty-first Century

  Thomas L. Friedman

  Рейтинг: 3.5 из 5 звезд

  3.5/5 (2259)
• The Gifts of Imperfection: Let Go of Who You Think You're Supposed to Be and Embrace Who You Are

  

  От Everand

  The Gifts of Imperfection: Let Go of Who You Think You're Supposed to Be and Embrace Who You Are

  Brené Brown

  Рейтинг: 4 из 5 звезд

  4/5 (1091)
• Steve Jobs

  

  От Everand

  Steve Jobs

  Walter Isaacson

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (806)
• Rise of ISIS: A Threat We Can't Ignore

  

  От Everand

  Rise of ISIS: A Threat We Can't Ignore

  Jay Sekulow

  Рейтинг: 3.5 из 5 звезд

  3.5/5 (137)
• John Adams

  

  От Everand

  John Adams

  David McCullough

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (2409)
• The Glass Castle: A Memoir

  

  От Everand

  The Glass Castle: A Memoir

  Jeannette Walls

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (1713)
• The Outsider: A Novel

  

  От Everand

  The Outsider: A Novel

  Stephen King

  Рейтинг: 4 из 5 звезд

  4/5 (1839)
• Brooklyn: A Novel

  

  От Everand

  Brooklyn: A Novel

  Colm Toibin

  Рейтинг: 3.5 из 5 звезд

  3.5/5 (1937)
• The Sympathizer: A Novel (Pulitzer Prize for Fiction)

  

  От Everand

  The Sympathizer: A Novel (Pulitzer Prize for Fiction)

  Viet Thanh Nguyen

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (121)
• The Light Between Oceans: A Novel

  

  От Everand

  The Light Between Oceans: A Novel

  M.L. Stedman

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (789)
• The Art of Racing in the Rain: A Novel

  

  От Everand

  The Art of Racing in the Rain: A Novel

  Garth Stein

  Рейтинг: 4 из 5 звезд

  4/5 (4200)
• Manhattan Beach: A Novel

  

  От Everand

  Manhattan Beach: A Novel

  Jennifer Egan

  Рейтинг: 3.5 из 5 звезд

  3.5/5 (792)
• The Woman in Cabin 10

  

  От Everand

  The Woman in Cabin 10

  Ruth Ware

  Рейтинг: 3.5 из 5 звезд

  3.5/5 (2322)
• The Perks of Being a Wallflower

  

  От Everand

  The Perks of Being a Wallflower

  Stephen Chbosky

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (2104)
• Wolf Hall: A Novel

  

  От Everand

  Wolf Hall: A Novel

  Hilary Mantel

  Рейтинг: 4 из 5 звезд

  4/5 (3811)
• A Man Called Ove: A Novel

  

  От Everand

  A Man Called Ove: A Novel

  Fredrik Backman

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (4610)
• Little Women

  

  От Everand

  Little Women

  Louisa May Alcott

  Рейтинг: 4 из 5 звезд

  4/5 (104)
• Sing, Unburied, Sing: A Novel

  

  От Everand

  Sing, Unburied, Sing: A Novel

  Jesmyn Ward

  Рейтинг: 4 из 5 звезд

  4/5 (1103)
• A Tree Grows in Brooklyn

  

  От Everand

  A Tree Grows in Brooklyn

  Betty Smith

  Рейтинг: 4.5 из 5 звезд

  4.5/5 (1929)
• Her Body and Other Parties: Stories

  

  От Everand

  Her Body and Other Parties: Stories

  Carmen Maria Machado

  Рейтинг: 4 из 5 звезд

  4/5 (821)
• The Constant Gardener: A Novel

  

  От Everand

  The Constant Gardener: A Novel

  John le Carré

  Рейтинг: 3.5 из 5 звезд

  3.5/5 (104)