Full Circle Magazine #155 by Ronnie Tucker

Full Circle THE INDEPENDENT MAGAZINE FOR THE UBUNTU LINUX COMMUNITY

(Flickr.com)

Photo: Elicus

ISSUE #1 55 - March 2020

R AW TH ER APEE

MORE SOFTWARE FOR PHOTOGRAPHERS full circle magazine #1 55

Fu ll Ci rcle M a g a zi n e i s n e i th e r a ffi li a te d wi th , n o r e n d o rse d b y, Ca n o n i ca l Ltd .

contents ^

Full Circle

HowTo

THE INDEPENDENT MAGAZINE FOR THE UBUNTU LINUX COMMUNITY

Linux News

p.04

Everyday Ubuntu

p.41

p.44

My Opinion

p.45

Letters

p.XX

Review

p.48

p.XX

Ubuntu Games

p.55

Python

p.21

Ubuntu & Security

p.26

Command & Conquer

p.1 9

Linux Loopback

Rawtherapee

p.28

Ubuntu Devices

p.XX

The Daily Waddle

Krita For Old Photos

p.35

My Story

p.XX

Inkscape

p.32

Q&A

p.51

Graphics

p.40

The articles contained in this magazine are released under the Creative Commons Attribution-Share Alike 3.0 Unported license. This means you can adapt, copy, distribute and transmit the articles but only under the following conditions: you must attribute the work to the original author in some way (at least a name, email or URL) and to this magazine by name ('Full Circle Magazine') and the URL www.fullcirclemagazine.org (but not attribute the article(s) in any way that suggests that they endorse you or your use of the work). If you alter, transform, or build upon this work, you must distribute the resulting work under the same, similar or a compatible license.

Full Circle magazine is entirely independent of Canonical, the sponsor of the Ubuntu projects, and the views and opinions in the magazine should in no way be full circle magazine #1 55 2 contents ^ assumed to have Canonical endorsement.

E D I T O R I AL

This magazine was created using :

WELCOME TO THE LATEST ISSUE OF FULL CIRCLE

e have the usual suspects of Python, Inkscape, and Krita, and if you're worried about security then we have an excellent intro to security from Erik.

If you're a photographer, you might be disheartened by the lack of Darktable. Fear not! Erik has a new series on using Rawtherapee for photography. You can never have enough lenses software. Elsewhere, SJ has a quick look at nomadBSD, Flash continues with PIM, there's a review of a QNAP NAS drive, and a review of the rather unusual looking game, Asciiker. Wherever you are in the world, keep safe in these crazy times!

Find Full Circle on:

facebook.com/fullcircle magazine twitter.com/#!/fullcirclemag http://issuu.com/fullcircle magazine

All the best, and (please!) let us know what you like/dislike . Ronnie ronnie@fullcirclemagazine.org

https://mastodon.social/ @fullcirclemagazine

Weekly News:

FCM PATREON : https://www.patreon.com/fullcirclemagazine full circle magazine #1 55

http://fullcirclemagazine.org/f eed/podcast http://www.stitcher.com/s?fi d=85347&refid=stpr http://tunein.com/radio/FullCircle-Weekly-News-p855064/ contents ^

N E WS

Submitted by ErikTheUnready

G OOGLE TESTS FUCHSIA OS: 03/02/2020

oogle has made changes to indicate the transition of the Fuchsia operating system to the stage of final internal testing " dogfooding ", which implies the use of the product in the daily activities of employees, before bringing it to ordinary users. At this stage, the product is in a state that has already passed basic testing by special quality assessment teams. Before delivering the product to the masses, they additionally conduct a final check on their employees who are not involved in the development. https://9to5google.com/2020/02/2 8/fuchsia-friday-dogfood/

APACHE COUCH DB 3.0 D OCUMENT M ANAGEMENT: 03/02/2020

distributed documentoriented database Apache

CouchDB 3.0 (a NoSQL-system), was released. The source code for the project is distributed under the Apache 2.0 license.

The user environment of Chrome OS is limited to a web browser, and instead of standard programs, web applications. However, Chrome OS includes a full multi-window interface, a desktop and a taskbar. Chrome OS 80 builds are available for most current Chromebooks. Enthusiasts builds are available for regular computers with x86, x86_64 and ARM processors. Source code distributed licensed under Apache 2.0.

upcoming revocation of many previously issued TLS / SSL certificates. Of the 1 1 6 million Let's Encrypt certificates currently in force, a little more than 3 million (2.6%) will be revoked, of which approximately 1 million are duplicates tied to one domain (the error mainly affected very frequently updated certificates, so there are many duplicates). The review is scheduled for the fourth of March, (the exact time has not yet been determined)

The Couch Replication Protocol lets your data flow seamlessly between server clusters to mobile phones and web browsers, enabling a compelling offline-first user-experience while maintaining high performance and strong reliability. CouchDB comes with a developer-friendly query language, Initially, the release was and optionally MapReduce for scheduled for February 1 1 , but was https://community.letsencrypt.org simple, efficient, and postponed. /t/revoking-certain-certificates-oncomprehensive data retrieval. march-4/1 1 4864 https://blog.couchdb.org/2020/02/ https://chromereleases.googleblo g.com/2020/03/stable-channel26/3-0/ update-for-chrome-os.html D RAGON FLY BSD 5.8

CHROME OS 80 RELEASE 03.03.2020

PERATING S YSTEM M ASS REVOCATION OF LET' S O RELEASE: ENCRYPT CERTIFICATES: 03.03.2020

03.03.2020 hrome OS 80 operating system based on the Linux kernel, he community-based Let's upstart system manager, ebuild / Encrypt Certification portage assembly tools, open Authority, a non-profit certification components, and the Chrome 80 center that provides certificates web browser has been released . for everyone, has warned of the

full circle magazine #1 55

he release of DragonFlyBSD 5.8 , a hybrid kernel operating system created in 2003 for the alternative development of the FreeBSD 4.x branch, is available. Among the features of DragonFly contents ^

NEWS

BSD are the distributed versioned HAMMER file system , support for loading "virtual" system cores as user processes, the ability to cache FS data and metadata on SSD drives, contextual variant symbolic links, the ability to freeze processes while maintaining their state on drive, a hybrid kernel using lightweight threads (LWKT).

query processing capabilities using https://lists.samba.org/archive/sa scripts in the configuration. Scripts mba-announce/2020/00051 4.html can be used in the configuration file to determine the extended logic for processing requests, N EW VERSION OF CURL 7.69: forming a configuration, 03/05/2020 dynamically generating a response, modifying a request / response, or new version of curl, 7.69.0 , quickly creating stubs to solve which provides the ability to problems in web applications. flexibly generate a request by setting parameters such as cookie, http://lists.dragonflybsd.org/piper http://mailman.nginx.org/pipermai user_agent, referer and any other mail/users/2020l/nginxheaders, is out. cURL supports March/358432.html announce/2020/000265.html HTTP, HTTPS, HTTP / 2.0, SMTP, IMAP, POP3, Telnet, FTP, LDAP, RTSP, RTMP and other network N GINX 1 .1 7.9 AND NJS SAMBA RELEASE 4.1 2.0: protocols. At the same time, an 03/04/2020 update was released in parallel to 0.3.9 RELEASE: the libcurl library, which provides 03/04/2020 he release of Samba 4.1 2.0, the an API for using all curl functions in continued development programs in languages such as C, he main branch of nginx 1 .1 7.9 Perl, PHP, Python. has been updated, in which the branch of Samba 4, with a fullfledged implementation of a development of new features domain controller and Active The release adds a new backend continues (in the parallel Directory service, compatible with to support the SSH protocol, made supported stable branch 1 .1 6, only using the wolfSSH library . The changes related to the elimination the implementation of Windows backend allows you to transfer of serious bugs and vulnerabilities 2000 and capable of servicing all versions of Windows-clients data using SFTP with minimal are considered). supported by Microsoft, including overhead, which makes it possible Windows 1 0 is out. Samba 4 is a to use it in tiny-curl collections for Additionally, there was a embedded systems. SCP is not yet release of njs 0.3.9, the JavaScript multifunctional server product , which also provides the supported in the added backend interpreter for the nginx web implementation of a file server, (use the old libssh backend for SCP server . The njs interpreter ). implements ECMAScript standards print service, and authentication server (winbind). and allows you to extend nginx's full circle magazine #1 55 5

https://curl.haxx.se/mail/archive2020-03/0004.html

APACHE N ETB EANS 1 1 .3 IDE RELEASE: 03/05/2020

he Apache Software Foundation Organization has released their new IDE, NetBeans 1 1 .3 . This is the fifth release by the Apache Foundation after the transfer of NetBeans code by Oracle. The first release after the project was transferred from the incubator to primary Apache projects. The release contains support for the Java SE, Java EE, PHP, JavaScript, and Groovy programming languages. The expected integration of C / C ++ language support from version 1 1 .3 of the code base provided by Oracle has been postponed to the next release. Everything related to the development of projects in C and C ++ are ready, but the code is not yet integrated. Before built-in support, plug-ins are available., The release of Apache NetBeans 1 2, which will be accompanied as part of an extended support cycle contents ^

NEWS

write data to Intel CSME static memory and change the already https://blogs.apache.org/netbeans initialized Intel CSME memory page tables to intercept execution, /entry/announce-apacheextract the platform key and netbeans-1 1 -3 receive control over the generation of encryption keys for Intel CSME modules. Details of exploitation of I NTEL CHIPSET vulnerability are planned to be VULNERABILITY TO EXTRACT the published later. (LTS) is planned for April 2020.

PLATFORM ROOT KEY: 03/05/2020

esearchers from Positive Technologies identified a vulnerability ( CVE-201 9-0090 ), which allows physical extraction of the platform root key (Chipset key), which is used as the â&#x20AC;&#x153;root of trustâ&#x20AC;? for authenticating various components of the platform, including TPM (Trusted Platform Module) firmware ) and UEFI. The vulnerability is caused by a bug in the hardware and in the Intel CSME (Converged Security and Manageability Engine) firmware, which is located in the boot ROM. This does not allow fixing of the problem in already used devices. Due to the presence of a window during the restart of Intel CSME (for example, when waking up from sleep mode), manipulating the DMA, you can

In addition to extracting the key, the error also allows code execution at the zero privilege level of the Intel CSME. The problem affects most Intel chipsets released in the last five years, but in the 1 0th generation of processors (Ice Point) the problem no longer appears. Intel became aware of the problem about a year ago and in May 201 9 firmware updates were released that, although they cannot change the vulnerable code in the ROM, they are trying to block possible vectors at the level of individual Intel CSME modules. https://www.ptsecurity.com/ruru/about/news/neustranimayauyazvimost-v-chipsetah-intelugrozhaet-rabochim-stanciyam-ipravoobladatelyam/ full circle magazine #1 55

POWERDNS RECURSOR 4.3 AND KNOTDNS 2.9.3 RELEASE: 03/05/2020

he caching DNS server, PowerDNS Recursor v4.3, has been released. PowerDNS Recursor is built on the same code base as the PowerDNS Authoritative Server, but the recursive and authoritative PowerDNS DNS servers are developed as part of different development cycles and released as separate products. The project code is distributed under the GPLv2 license. The server provides tools for remote statistics collection, supports instant restart, has a built-in engine for connecting handlers in the Lua language. It fully supports DNSSEC, DNS64, RPZ (Response Policy Zones) and allows you to connect blacklists. It is possible to record the results of resolving in the form of BIND zone files. To ensure high performance, modern connection multiplexing mechanisms in FreeBSD, Linux and Solaris (kqueue, epoll, / dev / poll) are used, as well as a highperformance parser for DNS

packets that can handle tens of thousands of parallel requests. https://blog.powerdns.com/2020/0 3/03/powerdns-recursor-4-3-0released/

SANDCASTLE PROJECT PREPARES LINUX AND ANDROID BUILDS FOR INSTALLATION ON I P HONE 7: 03/06/2020

roject Sandcastle published a build for Linux and Android. The project is suitable for installation on the iPhone 7 and 7+ . The project also provides limited support for iPod Touch 7G and porting to various iPhone 6, 8, X, 1 1 and iPod Touch 6G models is ongoing. The software still has a way to go. https://projectsandcastle.org/

contents ^

NEWS AN ERROR IN BIND 9.1 6 THAT DISRUPTS THE PROCESSING OF TCP CONNECTIONS:

03/06/2020

n the BIND 9.1 6.0 branch published two weeks ago, a serious error was revealed exhausting the limit on the number of TCP connections. In BIND 9.1 6, a new network subsystem was proposed, which was transferred to the asynchronous request processing mechanism based on the libuv library. Due to an error in this subsystem, the counter of active TCP connections does not decrease under certain conditions, which leads to an increasing discrepancy between its value and the actual number of connections. After some time, the counter value may reach the set limit on the number of client connections and new TCP requests will cease to be accepted (UDP requests will continue to be processed). Basically, the problem manifests itself on servers that accept TCP connections from clients on several network

interfaces at once. BIND 9.1 6 has not yet been released, but a patch has been published to fix the error . As a temporary solution, you can set the limit on the number of connections (option tcp-clients) to a very large value. In addition to BIND 9.1 6, the problem affects the experimental branch 9.1 5, starting with the release of 9.1 5.6, but this branch was originally used only for development and is not focused on production servers. https://www.mailarchive.com/bindannounce@lists.isc.org/msg00567. html

GNU COREUTILS 8.32 B ASIC SYSTEM U TILITY LAUNCH : 03/06/2020

fter a year of development , a stable version of the GNU Coreutils 8.32 set of basic system utilities is available. It includes programs such as sort, cat, chmod, chown, chroot, cp, date, dd, echo, hostname, id, ln, ls, etc. d. http://savannah.gnu.org/forum/for um.php?forum_id=9693 full circle magazine #1 55

SECOND RELEASE OF G LIMPSE, FORK OF THE GIMP GRAPHICS EDITOR: 03/06/2020

he second release of the Glimpse graphics editor has been published. Builds are available for Windows and Linux (so far only in the Flatpak format , but Snap will be available too ). Other than correcting errors from the previous release, the addition of new themes for interface design and icons was touted. There were improved translations for nonEnglish-speaking users, removal of the word "gimp", adding settings for choosing a language on the Windows platform, and removing unnecessary â&#x20AC;&#x153;funâ&#x20AC;? brushes . The proposed release of Glimpse is based on GIMP 2.1 0.1 2, with rebranding, renaming directories and cleaning the user interface. The external dependencies are BABL 0.1 .68, GEGL 0.4.1 6 and MyPaint 1 .3.0. https://glimpseeditor.org/posts/glimpse-0-1 -2release-notes/

D EVELOPMENT OF DNF 5

PACKAGE MANAGER AND PACKAGEKIT REPLACEMENT STARTED : 03/06/2020

aniel Mach of Red Hat announced the start of the development on the DNF 5 package manager, which will port Python-implemented DNF logic to the C ++ libdnf library. They plan to begin testing DNF 5 in June during the development of Fedora 33, in October 2020. They plan to add it to the Rawhide repository, and replace DNF 4 with it in February 2021 . Maintenance of the DNF 4 branch will continue, as it is used in Red Hat Enterprise Linux 8. The project has reached a state in which it is almost impossible to continue the development of code without compromising compatibility at the API / ABI level. This is mainly due to the loss of relevance of PackageKit and the inability to develop libdnf without changing the "libhif" API. At the same time, despite the intention to change the API, maintaining backward compatibility at command line interface level and API is prioritised. contents ^

NEWS

https://lists.fedoraproject.org/arch VULNERABILITY IN PPPD AND M IN 1 .1 3 WEB BROWSER ives/list/devel@lists.fedoraproject. PUBLISHED : org/thread/NWSURJRGZAIIMNZJT LWIP ALLOWING REMOTE 03/07/2020 CODE EXECUTION WITH ROOT 244DHDPOG2PBQXZ/

PRIVILEGES:

in 1 .1 3 is out, offering a minimalistic interface, built SYSTEMD 245 AVAILABLE around the manipulation of the vulnerability was identified in address bar. The browser was WITH PORTABLE HOME the pppd package ( CVE-2020- created using the Electron DIRECTORIES: 8597 ), which allowed it to execute platform, which allows you to 03/06/2020 its code by sending specially create stand-alone applications crafted authentication requests to based on the Chromium engine fter three months of systems using PPP (Point-to-Point and the Node.js. platform. The Min development , the release of Protocol) or PPPoE (PPP over interface is written in JavaScript, the systemd 245 system manager Ethernet). These protocols are CSS and HTML. The code is is announced. In the new release, usually used by providers to new components systemd-homed establish connections via Ethernet licensed under Apache 2.0. Builds are available for Linux, macOS and and systemd-repart are added. or DSL, and are also used in some Windows. The browser has a builtSupport for portable user profiles VPNs (for example, pptpd and in ad blocking system ( EasyList ) in JSON format is included, the openfortivpn ). and a code for tracking visitors, it is ability to define namespaces in also possible to disable the systemd-journald is provided and The issue affects pppd versions downloading of images and scripts. support for the "pidfd" mechanism 2.4.2 through 2.4.8 inclusive and is is added. The project website has fixed in the form of a patch . The https://github.com/minbrowser/mi been completely redone, where vulnerability also affects the lwIP n/releases/tag/v1 .1 3.0 most of the available stack , but EAP support is not documentation has been collected enabled in the default and a new logo has been proposed. configuration in lwIP. 03/07/2020

TWO ATTACKS ON THE

https://lists.freedesktop.org/archiv https://www.kb.cert.org/vuls/id/78 CACHE CHANNEL PREDICTION es/systemd-devel/20202301 / MECHANISM IN AMD March/0441 1 9.html

PROCESSORS: 03/07/2020

full circle magazine #1 55

team of researchers from Graz University of Technology (Austria), conducted a study of AMD-specific hardware optimizations and developed two new third-party channel attack methods that manipulate data leaks during channel prediction in the level one cache of AMD processors. Methods can be used to reduce ASLR protection, restore keys in vulnerable AES implementations, and increase Specter attack efficiency. Problems were identified in the implementation of the channel predictor mechanism (way predictor) in the data cache of the first level of the CPU (L1 D), which is used to predict which channel of the cache reflects a specific memory address. The optimization used in AMD processors is based on the verification of μ tags (μTag). μTag is calculated by applying a specific hash function to the virtual address. During operation, the channel prediction mechanism uses μTag to determine the cache channel from the table. Thus, μTag allows the processor to limit itself to accessing only a specific channel, without enumerating all the options, which significantly contents ^

NEWS

reduces CPU power consumption. https://mlq.me/download/takeawa y.pdf

APT 2.0 PACKAGE M ANAGER RELEASED: 03/08/2020

he release of the package management tool APT 2.0 (Advanced Package Tool), developed by the Debian project, is available. APT is also used in some distributions based on the rpm package manager, such as PCLinuxOS and ALT Linux. The new branch has incorporated the changes in the development of the experimental branch 1 .9.x. In the near future, the new release will be integrated into the Debian Unstable branch and into the

Ubuntu package base (experimental branch 1 .9 was used in Ubuntu 1 9.1 0). https://blog.jaklinux.org/2020/03/07/apt-2.0/

ZORIN OS 1 5.2

DISTRIBUTION RELEASE: 03/09/2020

orin OS 1 5.2 Linux, a distribution based on the Ubuntu 1 8.04.4 base is out . The distribution's target audience is novice users who are used to working in Windows. To control the design, the distribution offers a special configurator that allows you to mimic different versions of Windows, and the software selection includes programs that are close to the programs that

Windows users are used to. The bootable iso-image is 2.3 GB in size (two desktop environments are available - the usual one based on GNOME and "Lite" with Xfce). https://zoringroup.com/blog/2020/ 03/05/zorin-os-1 5-2-is-releasedharder-better-faster-stronger/

FULL CIRCLE WEEKLY N EWS

VULNERABILITY IN TIMESHIFT THAT COULD

ELEVATE ITS PRIVILEGES IN THE SYSTEM : 03/09/2020

vulnerability has been identified in the Timeshift application ( CVE-2020-1 01 74 ), allowing a local user to execute code with root privileges. Timeshift is a backup system that uses rsync

Join our new host Leo Chavez as he presents you with a short podcast (<1 0min) with just the news. No chit-chat. No time wasting. Just the latest FOSS/Linux/ Ubuntu news.

RSS:

http://fullcirclemagazine. org/feed/podcast

full circle magazine #1 55

contents ^

NEWS

with hard links or Btrfs snapshots to implement functionality similar to System Restore on Windows and Time Machine on macOS. The program is included in the repositories of many distributions and is used by default in PCLinuxOS and Linux Mint. The vulnerability is fixed in Timeshift 20.03 release .

release cycle to 6 months, strengthen quality control, synchronize development with FreeBSD to provide more rapid support for new equipment, simplify documentation, unify sites, simplify migration between commercial and free distributions, accelerate the transition to OpenZFS 2.0 to base "ZFS on Linux".

The new release implements support for decoding video in the AV1 format (via dav1 d from FFmpeg). The PCManFM file manager provides the ability to create thumbnails for videos and documents in PS and PDF formats. Editors included: SciTE, GNU nano and mg (MicroGnuEmacs). As a downloadable add-on, Vim is available (with gVim). Lots of updated packages in this release.

https://www.openwall.com/lists/os s-security/2020/03/06/3 https://www.ixsystems.com/blog/f reenas-truenas-unification/ https://4mlinuxreleases.blogspot.com/2020/03/4 mlinux-320-stable-released.html M ERGER OF FREENAS AND

TRUENAS PROJECTS ANNOUNCED:

03/09/2020

Xsystems announced the unification of its products for the rapid deployment of network storage (NAS, Network-Attached Storage). The free FreeNAS distribution will be merged with the TrueNAS commercial project , expanding the capabilities of FreeNAS for enterprises and comes pre-installed on storage systems manufactured by iXsystems. The combination will speed up development and shorten the

4MLINUX 32.0

DISTRIBUTION RELEASE: 03/1 0/2020

MLinux 32.0, a minimalist custom distribution that is not an offshoot of other projects and uses a graphical environment based on JWM, is ready. 4MLinux can be used not only as a live environment for playing multimedia files and solving user problems, but also as a recovery system and a platform for launching LAMP servers (Linux, Apache, MariaDB and PHP). The size of the iso-image is only 830 MB (i686, x86_64). full circle magazine #1 55

THE RELEASE OF THE

CONSOLE SCREEN SAVER NEOFETCH 7.0.0: 03/1 0/2020

eofetch 7.0.0 utility is available. By default, the program displays the logo of the operating system, which can be replaced with an arbitrary picture (for terminals that support image display) or an ASCII picture. The utility supports about 1 50 operating systems, from Linux and Windows to Minix, AIX and Haiku. The program is written in Bash and distributed under the MIT license.

The new version adds support for: Proxmox VE, BlackArch, Neptune, Obarun, Drauger OS, macOS Catalina, ArchStrike, Cucumber Linux, EuroLinux, Cleanjaro, Septor Linux, Carbs Linux, EndeavourOS and T2. They also added support for the Regolith desktop . The release includes a selection of compact logos. https://github.com/dylanaraps/neo fetch/releases/tag/7.0.0

POSTGRESQL ANONYMIZER 0.6, AN EXTENSION FOR ANONYMIZING DATA IN A

DBMS:

03/1 0/2020

new release of the PostgreSQL Anonymizer project is available, which solves the problem of hiding or replacing confidential data. Data can be hidden on the fly based on specially defined rules and lists. The code is distributed under the PostgreSQL license. For example, using the add-on in question, you can provide access contents ^

NEWS

to the database to third parties, such as, third-party business intelligence services, automatically denying them access to phone numbers and credit cards, or using more sophisticated methods, such as changing customer and company names to fictitious information. In addition to performing anonymization when connecting directly to the DBMS, there is a mode for creating anonymized SQL dumps

depending on the type of data being analyzed. Plugins are available for the classic hexadecimal display, binary and ASCII representations, bitwise and byte-by-bit rasterization (each pixel is associated with a bit or byte) and character rasterization. For data analysis, plugins are offered for searching and navigating data, highlighting standard templates and headers, defining blocks based on regular expressions.

https://www.postgresql.org/about /news/201 7/

https://github.com/MahletInc/hobbits/releases/tag/v0.21 .0

RELEASE OF H OBBITS 0.21 , M ORE I NTEL WOES WITH LVI: A VISUALIZER FOR REVERSE 03/1 1 /2020 ENGINEERING BINARY FILES: 03/1 0/2020

obbits 0.21 project is out , a graphical interface for the analysis, processing and visualization of binary data in reverse engineering. The code is written in C ++ using the Qt library and is distributed under the MIT license. Parsing, processing and visualization are connected via plugins, which can be selected

here is a new class of attacks LVI ( Load the Value Injection, the CVE-2020-0551 ) speculative execution in the CPU, which can be used for the diversion of keys and sensitive data from the Intel SGX enclave and other processes.

attacks . At the same time, new attacks are not blocked by existing methods of protection against Meltdown, Specter, MDS and other similar attacks. Effective LVI protection requires hardware changes to the CPU. Software mitigations, by adding the LFENCE instruction by the compiler after each load operation from memory and replacing the RET instruction with POP, LFENCE and JMP, is just too much overhead - according to researchers, full software protection will lead to between 21 9 times performance degradation. https://www.intel.com/content/w ww/us/en/securitycenter/advisory/intel-sa00334.html

WEBKITGTK 2.28.0

BROWSER ENGINE AND EPIPHANY 3.36 WEB BROWSER RELEASE: 03/1 1 /2020

The new attack class is based on he release of the new stable manipulations with the same branch of WebKitGTK 2.28.0, is microarchitectural structures as in out. WebKitGTK allows you to use the MDS (Microarchitectural Data Sampling), Specter, and Meltdown all the features of WebKit through full circle magazine #1 55 11

a GNOME-oriented programming interface based on GObject . It can be used to integrate web-content processing tools into any application, from specialized HTML / CSS parsers, to create fullfeatured web browsers. Wellknown projects using WebKitGTK are Midori and the standard GNOME browser (Epiphany) . https://webkitgtk.org/2020/03/1 0/ webkitgtk2.28.0-released.html

SDL 2.0.1 2 M ULTIMEDIA LIBRARY RELEASE: 03/1 1 /2020

he release of the SDL 2.0.1 2 library (Simple DirectMedia Layer), aimed at simplifying the writing of games and multimedia applications, has been announced . The SDL library provides tools such as hardware-accelerated 2D and 3D graphics output, input processing, audio playback, 3D output via OpenGL / OpenGL ES, and many other related operations. The library is written in C and distributed under the zlib license. To use the SDL features in projects in various programming languages, binders are provided. contents ^

NEWS

https://discourse.libsdl.org/t/sdl-2- and is aimed at ensuring that games created for Windows, 0-1 2-released/2731 8 launch on Linux. Project developments are distributed under the BSD license. GNOME 3.36 U SER

the possibility of receiving updates for the Debian 8 "Jessie" after the completion of the regular five-year maintenance cycle. Originally they planned to stop supporting the Debian 8 LTS branch in July 2020, ENVIRONMENT RELEASE: Proton allows you to directly but Freexian expressed its 03/1 1 /2020 run games that are only available readiness to release updates on its for Windows on your Linux client. own with the elimination of fter six months of The package includes an package vulnerabilities as part of development GNOME 3.36 DE implementation of DirectX 9/1 0/1 1 the Extended LTS program . is out . Compared with the (based on the DXVK package ) and previous release, about 24 DirectX 1 2 (based on vkd3d ). The Additional support will cover a thousand changes were made, in Vulkan API, provides improved limited set of packages and apply which 780 developers took part. To support for game controllers and only to the amd64 and i386 quickly evaluate the capabilities of the ability to use full-screen mode architectures (possibly arm). GNOME 3.36, specialized live regardless of games screen Support will not cover packages builds based on openSUSE and resolutions. To increase the such as the Linux 3.1 6 kernel (the Ubuntu have been released . performance of multi-threaded 4.9 kernel backported from Debian games, the " esync " (Eventfd 9 "Stretch" will be offered), https://www.mailSynchronization) and " futex / fsync openjdk-7 (openjdk-8 will be archive.com/devel-announce" mechanisms are supported . offered) and tomcat7 list@gnome.org/msg00999.html (maintenance will last until March https://github.com/ValveSoftware/ 2021 ). Updates will be distributed Proton/releases/tag/proton-5.0-4 through an external repository maintained by Freexian. Access will VALVE RELEASES PROTON be free for all, and the range of 5.0-4, A PACKAGE FOR supported packages will depend RUNNING WINDOWS GAMES D EBIAN 8 WILL BE on the total number of sponsors SUPPORTED FOR MORE THAN and packages that interest them. ON LINUX: 5 YEARS: 03/1 1 /2020 https://raphaelhertzog.com/2020/ 03/1 1 /2020 03/1 1 /keeping-debian-8-jessiealve has published the release alive-for-longer-than-5-years/ he LTS Team, responsible for of the Proton 5.0-4 project , generating updates for the which is based off the Wine project Debian LTS branches , announced full circle magazine #1 55 12

M OZILLA WILL HELP IN UPDATING THE KAI OS PLATFORM (FORK OF FIREFOX OS): 03/1 2/2020

ozilla and KaiOS Technologies announced a collaboration aimed at updating the browser engine used in the KaiOS mobile platform. KaiOS continues to develop the Firefox OS mobile platform and is currently used on approximately 1 20 million devices sold in more than 1 00 countries. The problem is that KaiOS continues to use an outdated browser engine, corresponding to Firefox 48, that ceased 201 6. This engine is outdated, does not support many current web-technologies and does not provide proper security. The purpose of cooperation with Mozilla is to transfer KaiOS to the new Gecko engine and keep it up to date, including regular publication of patches to eliminate vulnerabilities. Work also involves optimizing the performance of the platform and related services and applications. All changes and improvements will be published contents ^

NEWS

under the free MPL (Mozilla Public License). https://www.kaiostech.com/press/ kaios-technologies-and-mozillapartner-to-enable-a-healthymobile-internet-for-everyone/

G ENODE PROJECT RELEASES SCULPT 20.02 G ENERAL PURPOSE OS:

interactive interface for administration (the system settings editor), support for virtual desktops, and optimization of the performance of the virtual machine monitor (based on VirtualBox). Updated utilities for monitoring system performance, Unix runtime, and GUI components. The release also includes enhancements introduced in the February Genode platform update, such as support for 64-bit i.MX ARM processors and porting of the sound driver from OpenBSD 6.6.

The new version of Tor Browser has been updated to release 9.0.6 (at the time of writing the news has not yet been officially announced), synchronized with the Firefox 68.6.0 ESR code base. Also updated are: the Linux kernel 5.4.1 9, Thunderbird 68.5.0, cURL 7.64.0, evince 3.30.2, Pillow 5.4.1 , WebKitGTK 2.26.4, virtualbox 6.1 .4. Also adding missing firmware for wireless cards based on Realtek RTL8822BE / RTL8822CE chips.

D EBIAN 1 1 PACKAGE BASE FREEZE SCHEDULED FOR NEXT YEAR: 03/1 2/2020

ebian developers have published a plan to freeze the Debian 1 1 "Bullseye" release. A Debian 1 1 release is expected in mid-2021 .

On January 1 2, 2021 , the first stage of freezing the package base Addition: Tor Browser 9.0.6 will begin, within which the based on Firefox 68.6.0, which also transitions will be stopped he developers of the open microkernel operating system https://github.com/genodelabs/ge updated NoScript 1 1 .0.1 5 that (updating packages that require node stops loading built-in CSS external dependency corrections for other Genode OS Framework have Fonts in Safe Mode. The released the Sculpt operating packages, which will temporarily developers also warned of a system yesterday. As part of the remove packages from Testing), as remaining uncorrected error, which well as stopping updating Sculpt project, Genode-based T AILS 4.4 AND TOR made it possible to launch technology is developing a packages needed for assembly ( B ROWSER 9.0.6 RELEASE : JavaScript code in the "Safest" general-purpose operating system build-essential ). 03/1 2/2020 protection mode. The problem has that can be used by ordinary users not yet been resolved, so for those to perform everyday tasks. The On February 1 2, 2021 , a soft he release of the specialized for whom the blocking of source code for the project is freezing of the package base will Tails 4.4 distribution (The JavaScript execution is important, take place, at which the reception distributed under the AGPLv3 it is recommended, for a while, in license. A 26 MB LiveUSB image is Amnesic Incognito Live System), of new source packages will be based on Debian and designed to about: config to completely block stopped and the ability to reoffered for download. It supports the use of JavaScript in the systems with Intel processors and provide anonymous access to the enable previously deleted internet, is out. All connections browser by changing the graphics with the VT-d and VT-x packages will be closed. except traffic through the Tor javascript.enabled parameter in extensions enabled. network are blocked by default about: config. On March 1 2, 2021 , a hard with a packet filter. Encryption is In this new release you will find freeze will be applied before a file manager working in graphical used to store user data in the â&#x20AC;&#x153;save https://tails.boum.org/news/versio release, in which the process of user data modeâ&#x20AC;? between restarts. n_4.4/index.en.html mode, the processing of an full circle magazine #1 55 13 contents ^ 03/1 2/2020

NEWS

transferring key packages and packages without autopkg tests from unstable to testing will be completely stopped and the stage of intensive testing and bug fixing, blocking release will begin. Hard freezing is introduced for the first time and is considered as a necessary intermediate stage before complete freezing, covering all packages. The time of complete freezing is not yet determined. https://lists.debian.org/debiandevelannounce/2020/03/msg00002.htm l

GCC 9.3 COMPILER SUITE U PDATE: 03/1 2/2020

bug fix release of the GCC 9.3 compiler suite is available, with a lot of work done to fix errors, regressive changes and compatibility issues. Compared to GCC 9.2 , GCC 9.3 has 1 57 fixes, mainly related to resolving regressive changes. https://www.mailarchive.com/infognu@gnu.org/msg0271 6.html

ALT P9 STARTER KITS QUARTERLY UPDATE: 03/1 3/2020

he fourth round of starter kits is available on the Ninth Alt platform, made for i586, x86_64, aarch64 and arm architectures. Releases for MIPS architecture are proposed in versions for the Russian Tavolga and BFK3 systems on the Baikal-T1 CPUâ&#x20AC;&#x2122;s. Owners of Elbrus VK based on 4C and 8C / 1 C + processors also have access to a number of starter kits. Starter kits are suitable for starting work with a stable repository for users who prefer to install their own list of application packages to configure their systems. Images include a basic system, one for desktop environments or a set of specialized applications. https://getalt.org/ru/starterkits/

NGINX U NIT 1 .1 6.0 APPLICATION SERVER RELEASE: 03/1 3/2020

he NGINX Unit 1 .1 6 application full circle magazine #1 55

server was released, to ensure the launch of web applications in various programming languages (Python, PHP, Perl, Ruby, Go, JavaScript / Node.js and Java). Under the control of the NGINX Unit, several applications in different programming languages can be run simultaneously, the launch parameters can be changed dynamically without the need to edit configuration files and restart. The code is written in C and distributed under the Apache 2.0 license. If you want to know more, read the initial release notes.

management in Rust saves the developer from manipulating pointers and protects against problems arising from low-level work with memory, such as accessing a memory area after it was freed, dereferencing null pointers, going out of buffer boundaries, etc. To distribute libraries, ensure assembly, and manage project dependencies, a Cargo package manager is developed that allows you to get the libraries you need for the program in one click. Check out crates.io for more cargo cartes.

http://unit.nginx.org/

https://blog.rustlang.org/2020/03/1 2/Rust1 .42.html

RUST 1 .42 IS OUT: 03/1 3/2020

ust 1 .42 system programming language , based on the Mozilla project, is released. The language is focused on safe work with memory, provides automatic memory management and provides means to achieve high concurrency of tasks, without having to use a garbage collector and runtime. Automatic memory

RED H AT ENTERPRISE LINUX VULNERABILITY REPORT FOR 201 9: 03/1 3/2020

ed Hat has published a report for vulnerabilities identified in Red Hat products during 201 9. Over the year, 1 31 3 vulnerabilities were fixed in Red Hat products and services (3.2% more than in 201 8), 27 of them were critical problems. In total, the Red Hat security contents ^

NEWS

service in 201 9 examined 271 4 vulnerabilities covering all possible problems, including open programs that are not part of RHEL or do not appear in RHEL.

functions defined in it. The PE / COFF loader is based on the ndiswrapper code. The project code is distributed under the GPLv2 license.

https://github.com/taviso/loadlibr ary

LibreELEC 9.2.1 project, a fork distribution of OpenELEC home theater, has been published. The user interface is based on the Kodi WINE 5.4 AND WINE media center. Images for a USB drive or SD card (32-bit and 64-bit STAGING 5.4 RELEASE: x86, Raspberry Pi 1 /2/3/4, various 03/1 4/2020 devices based on Rockchip and Amlogic chips) are available for pilot release of the open download . In the new version, a implementation of WinAPI section for configuring VPN Wine 5.4 is available. Since the WireGuard is added to the release of version 5.3 , 34 error reports have been closed and 373 configurator, and support for working on Raspberry Pi 4 boards changes made. is improved (performance and At the same time, the release of output quality are improved in 1 080p and 4K modes). the Wine Staging 5.4 project is available, including incomplete or https://libreelec.tv/2020/03/libreel risky patches that are not yet ec-leia-9-2-1 / suitable for adoption in the main Wine branch. Compared to Wine, Wine Staging provides 855 additional patches. The new VULNERABILITY IN B LUEZ release synchronizes with the Wine B LUETOOTH S TACK: 5.4 codebase. 03/1 4/2020

Updates to eliminate 98% of critical issues were released within a week, after public information about the vulnerability became known. The largest number of vulnerabilities were fixed in the Linux kernel and packages with browser components.

https://www.winehq.org/announce /5.4

LoadLibrary takes over the functions of loading the library into memory and importing existing characters, providing the Linux application with a dlopenstyle API. Pluggable code can be debugged using gdb, ASAN and Valgrind. You can adjust the executable code at runtime by https://www.redhat.com/en/blog/r connecting hooks and applying eviewing-vulnerabilities-201 9patches (runtime patching). The annual-red-hat-product-securityaim of the project is to organize risk-report scalable and efficient distributed fuzzy testing of DLLs in a Linuxbased environment. In Windows, fuzzing and coverage LOADLIBRARY, A LAYER FOR conducting testing does not allow for proper LOADING WINDOWS DLLS IN performance and often requires launching a separate virtualized LINUX APPLICATIONS: instance of Windows, especially 03/1 3/2020 when trying to analyze sophisticated products, such as havis Ormandy, security antivirus software, covering work researcher at Google, is developing a project, LoadLibrary, at the kernel level and user space. With the help of LoadLibrary, aimed at porting collected Google researchers are searching Windows DLL-libraries for use in for vulnerabilities in video codecs, applications in Linux. The project provides an interlayer library with antivirus scanners, data which you can load a DLL file in PE decompression libraries, image decoders, etc. / COFF format and call the full circle magazine #1 55

LIBREELEC 9.2.1 H OME CINEMA D ISTRIBUTION U PDATE: 03/1 4/2020

he vulnerability could potentially allow an attacker to gain access to the system. Due to incorrect access control in the implementation of HID and HOGP Bluetooth profiles, the vulnerability allows denial of service or elevation of privileges contents ^

NEWS

when connecting a malicious Bluetooth device without going through the process of binding the device to the host. A malicious Bluetooth device without passing the pairing procedure can impersonate another HID device (keyboard, mouse, game controllers, etc.) or hidden data substitution into the input subsystem.

O PEN SOURCE SOFTWARE FOUNDATION ANNOUNCED THE ANNUAL AWARD FOR CONTRIBUTION TO THE DEVELOPMENT OF FREE SOFTWARE: 03/1 5/2020

t the LibrePlanet 2020 conference, which was held According to Intel, the problem online this year due to the is in releases of Bluez up to and coronavirus pandemic, a virtual including v5.52. It is unclear awards ceremony was held to whether the issue affects v5.53, as announce the winners of the it has not been publicly announced annual Free Software Awards 201 9. , but has been available through It was established by the Free Git and in the archive since Software Foundation (FSF) and February. Patches for fixing both awarded to people who made the vulnerabilities were proposed on most significant contribution in the March 1 0, and release 5.53 was development of free software, as posted on February 1 5. Some well as socially significant free distroâ&#x20AC;&#x2122;s have not yet been updated projects. Commemorative records ( Debian , Ubuntu , SUSE , RHEL , and letters handed out at the Arch , Fedora ). ceremony were mailed to the winners (FSF prize does not imply a https://www.openwall.com/lists/os monetary reward). s-security/2020/03/1 2/4 Prize for the promotion and development of free software was Jim Meiring, for GNU Coreutils, which includes utilities such as sort, cat, chmod, chown, chroot, cp, date, dd, echo, hostname, id, ln, ls, etc. Jim is also one of the main full circle magazine #1 55

developers of autotools and the creator of Gnulib , who has done a great job of unifying the type code typical for GNU projects.

services such as Gmail and Yahoo! Mail. A SQLite database is used to store the message database; a fulltext index is created to search the message database. To work with https://www.fsf.org/news/letsIMAP, a new library based on encrypt-jim-meyering-and-clarissa- GObject was used, for working in lima-borges-receive-fsfs-201 9-free- asynchronous mode. software-awards https://www.mailarchive.com/gnome-announceG EARY 3.36 EMAIL CLIENT list@gnome.org/msg1 1 638.html

RELEASED:

03/1 5/2020

he Geary 3.36 email client, aimed at the GNOME environment is out. Initially, the project was founded by the Yorba Foundation, which created the popular Shotwell photo manager, but later development went into the hands of the GNOME community. The code is written in Vala and is distributed under the LGPL license.

LINUX KERNEL 5.7 WILL

ACCELERATE COMPLEX LIST MATCHING IN N ETFILTER 03/1 6/2020

he developers of the filtering and modification subsystem for Netfilter have published a set of patches that significantly speed up the processing of large nftablest, which require checking the combination of subnets, network ports, protocol and MAC The goal of the project addresses. Patches have already development is to create a product been accepted to the nf-next rich in capabilities, but at the same branch, which will be proposed for time extremely easy to use and inclusion in the Linux 5.7 kernel. consuming minimal resources. The The most noticeable acceleration mail client is designed both for was achieved through the use of stand-alone use and for working in AVX2 instructions, so far. conjunction with web-based email

contents ^

NEWS

Optimizations were introduced into the nft_set_pipapo module (PIle PAcket POlicies),for things like IP and network port ranges (nft_set_rbtree and nft_set_hash manipulate interval mapping and direct reflection of values). Vectorized with 256-bit AVX2 instructions, the version of pipapo on a system with an AMD Epyc 7402 processor, showed a performance increase of 420% when parsing 30 thousand records that included port-protocol bundles. The growth in comparing the bundles from the subnet and the port number when parsing 1 000 entries was 87% for IPv4 and 1 28% for IPv6. https://marc.info/?l=netfilterdevel&m=1 58359998327736&w=2

THE REDOX OS PROJECT

INTRODUCES THE PKGAR PACKAGE MANAGER WRITTEN IN RUST 03/1 6/2020

s part of this project, a new package format is being developed, a library with package management functions and a

command line tool for creating and extracting a cryptographically verified collection of files. The pkgar code is written in Rust and is distributed under the MIT license.

code is distributed under the EPL 2.0 (Eclipse Public license) and IPL 1 .0 (IBM Public License) licenses https://www.mailarchive.com/postfixannounce@postfix.org/msg00063. html

The pkgar format does not claim to be universal and is optimized specifically for the Redox operating system. The package manager supports SECOND ALPHA RELEASE OF verification of the source by digital THE D EBIAN 1 1 B ULLSEYE signature and integrity control. https://github.com/redox-os/pkgar

POSTFIX 3.5.0 MAIL SERVER RELEASE

03/1 6/2020

fter a year of development, a new stable Postfix mail server branch, 3.5.0, was released . At the same time, they announced the termination of support for the Postfix 3.1 branch , released in early 201 6. Postfix is one of the rare projects combining high security, reliability and performance at the same time, which is achieved thanks to a wellthought-out architecture and a rather strict policy for code design and audit of patches. The project full circle magazine #1 55

INSTALLER

03/1 6/2020

The second alpha release of the installer for Debian's next major release, "Bullseye," is available for testing. The final release is expected in mid-2021 . We donâ&#x20AC;&#x2122;t usually cover alpha releases, but there seems to be a lot of interest. https://lists.debian.org/debiandevelannounce/2020/03/msg00005.htm l

N SCDE, CDE-STYLE RETRO ENVIRONMENT WITH STATEOF-THE-ART TECHNOLOGY: 03/1 7/2020

he NsCDE (Not so Common Desktop Environment) project, a retro-style CDE interface adapted for use on modern Unixlike systems and Linux is available for download. The environment is based on the FVWM window manager with themes, applications, patches and add-ons to recreate the original CDE desktop. The project code is distributed under the GPLv3 license. Add-ins are written in Python and Shell. The aim of the project is to provide a comfortable and convenient environment for lovers of retro-styling, supporting modern technology without loss of functionality. To give CDE-style user applications that are being launched, the proper skins, generators for Xt, Xaw, Motif, GTK2, GTK3, Qt4, and Qt5 are available, allowing you to style most applications using X1 1 with a retro interface. NsCDE allows you to combine CDE design and modern technologies, such as font rasterization using XFT, Unicode, dynamic and functional menus, virtual desktops, applets, desktop wallpapers, themes / icons, etc. contents ^

NEWS

compatibility with previous releases of the Java platform; all 03/1 7/2020 previously written Java projects he OpenSilver project is aimed will work without changes when at creating an open FEDORA PLANS TO UPGRADE implementation esting of the beta version of launched under the new version. the Silverlight RPM FROM B ERKELEYDB platform. As is theofcase the Fedora 32 distribution has Ready-to-install Java SE 1 4 builds with Adobe begun. The beta release signalled (JDK, JRE, and Server JRE) are Flash, Silverlight development was TO SQLITE: the transition to the final stage of available for Linux (x86_64), halted in favor of the use of 03/1 7/2020 testing, in which only critical errors Windows, and macOS. The Java 1 4 standard Web-based technologies. are allowed. The release is reference implementation Fedora Linux developers intend At one time, the open scheduled for late April. The developed as part of the OpenJDK implementation of Silverlight to migrate the RPM package release covers Fedora Workstation, project is fully open under the Moonlight was developed on database (rpmdb) from Fedora Server, Fedora Silverblue, GPLv2 license with GNU ClassPath Mono, but its development was BerkeleyDB to SQLite. The main and Live cdâ&#x20AC;&#x2122;s. Desktop spins for exceptions that allow dynamic stopped due to the lack of demand reason for the rip-and-replace is environmentslike KDE Plasma 5, linking to commercial products. for technology by users. (Indeed, the use of an unmaintained version Xfce, MATE, Cinnamon, LXDE and of Berkeley DB 5.x in rpmdb, which why ask why again?) LXQt. Builds are available for http://mail.openjdk.java.net/piper has not been updated for several x86_64, ARM (Raspberry Pi 2 and mail/announce/2020The OpenSilver project made years. The reason it has not been 3), ARM64 (AArch64) and Power. March/000282.htm another attempt to revive upgraded to a newer release is because of a license change in v6.x Silverlight technology, which https://fedoramagazine.org/annou (RPM is supplied under GPLv2, and allows you to create interactive AGPL is incompatible with GPLv2). web-applications using C #, XAML ncing-the-release-of-fedora-32beta/ On Fedora 34, BerkeleyDB support and .NET. One of the main objectives of the project is to will be read-only. extend the life of existing https://lists.fedoraproject.org/arch Silverlight-applications in the event J AVA SE 1 4 RELEASED : ives/list/devel@lists.fedoraproject. of termination of platform support 03/1 8/2020 org/thread/YYOEZO2FO2E2T6KO2 and termination of browser support for plug-ins. However, 5434EBDTIOWK5OM/ fter six months of proponents of .NET technology development, Oracle released and C # can also use OpenSilver to Java SE 1 4 (Java Platform, create new programs. Standard Edition 1 4), which uses O PEN SILVER PROJECT the OpenJDK open source project DEVELOPS O PEN https://opensilver.net/announcem as its reference implementation. ents/introducing-opensilver.aspx Java SE 1 4 maintains backward SILVERLIGHT: https://github.com/NsCDE/NsCDE

03/1 7/2020

FEDORA 32 B ETA:

full circle magazine #1 55

contents ^

C O M M AN D & C O N Q U E R

T o o ls

Written by Erik

ince Lucas absconded, we cannot fill his slot with more Lucas-stuff, so we went with something I think will be fun and interactive. (Also as I know nothing about rust or go). This may also help some of you who happen to be studying towards OSCP – but I am not saying it will. See: https://forum.hackthebox.eu/discu ssion/1 730/a-script-kiddie-s-guideto-passing-oscp-on-your-firstattempt/p1

applications are installed. You need to know which processes are running (ps). There is no shame in keeping a pocket book or .txt-file on a USB thumb drive for reference!

USB thumb drive. They are tiny, so that old 256MB thumb drive you have no use for, just became useful again!

If you look at this enumeration shell script, you will see it is in CTF or capture the flag, is an bash, unlike most other tools outflow of offsec. It creates a safe written in Python. This has the haven and an outlet for what you benefit of working on a system have learned (idle hands and all that does not have python that jazz...). There are distributions installed. (They say, a bad workman brimming with tools, like Kali or blames his tools, so be sure to read blackArch, but I do not want to tie through the script! *I did!). This is you to a distribution, or make you a about a thousand lines of ifLast issue, we did a quick statements. As this is a shell script, overview of permissions on a Linux skiddie. There are many blogs around the interwebs that you can a thousand lines can run in a system. This issue, we will quickly second. I am all for learning the discuss tools. We need to lay some follow, when it comes to offsec. command-line, but I am also lazy. groundwork first, before going to Here is one: Instead of typing the same stuff practical. Tools are handy if you do https://offsec.vchur.dk/ over and over, script them. This not want to do every last thing by They mention an interesting script is also quite recent and hand. That said, you still need to tool, linux enumeration, that is being actively developed. With know your command-line tools CTF, you are usually given a low (commands). We already looked at available on github, for your level user/password and have to ‘id’ and ‘whoami’. You also need to perusal: https://offsec.vchur.dk/201 9/02/26 work your way up. With pen know ‘ifconfig’ and ‘ip’, to see what /linux-enum/ testing, you usually gain the shell network interfaces are up. by some exploit. The difference ‘Netstat’, ‘arp’ and ‘route’ (dig?) on Don’t stop there; look at all the here is knowing the account you those interfaces. Netcat (nc) and tools in that list. LinEnum is also occupy’s password... ‘iptables’ at least. You also need to particularly useful. Do yourself a know where Linux keeps its favour and copy all those tools to a The other part of the equation; configuration files and what full circle magazine #1 55

the machine to be exploited. You can find one at: https://www.vulnhub.com/ - there are other websites you can find more of these too. I suggest getting a vulnerable Ubuntu or Debian machine, as this is what you know, being a FCM reader. This will boost your confidence and make it easy to start. Like the Hitch-hikers guide says: Don’t panic! I also have to address the elephant in the room. Please use a vulnerable VM and don’t try hacking your local .gov website. We are NOT trying to get you into trouble, but knowledge is power. This goes double for those who pester me on Telegram about this. So what is Linux privilege escalation all about? First, it’s collecting. (Enumeration), then processing (analysis), then search & refine, then goto 1 0. Yes, that is the recipe. However, you need to avoid going down a black hole that sucks up all your time and effort. Plan! It may sound convoluted, but have a plan – before you start. Become Santa. Make a list and contents ^

COMMAND & CONQUER

check it twice.

Where would you start? Good question! The ‘find’ or ‘which’ command can be your friend. You need to know what you are working with. For example: ‘find / -name python*’ or ‘which python’. So we need to look for cc, gcc, python, perl, at least. Maybe put that at the top of your list and work down. There is no surefire way, so trial and error is perfectly acceptable. See if you can access or read some of the common locations. Always read the user’s history file. (history). Look for mounted file systems or unusual ones (df). Etcetera, etcetera. Mundane things, like ‘cron’, can be a goldmine! Make a list as you go along and refine that list. Check for things like ‘curl’ and ‘wget’ and ‘nc’ that allow you to transfer files, if you do not have what you need.

(Like the bash script above). Your toolbox is the shell itself. SSH is as valid to your PC as it is to that PC. It is advisable to create an archive of your enumeration and send it to an offline PC where you can work on your ‘intel’ at your own pace. There may be commands you have never used (mknod), that you need to brush up on. As they say, all is fair in love and war. Practice makes perfect? Now for some online reading: https://sushant747.gitbooks.io/tot al-oscpguide/privilege_escalation__linux.html https://payatu.com/guide-linuxprivilege-escalation https://www.sans.org/readingroom/whitepapers/linux/paper/37 562

Yes, you have to read those, it will give you ideas and get you in the right mindset. I am not linking the gotmilk (g0tmi1 k) website as it is linked in one of those pages, but go there. Pay attention to the commands being used, you need to know those in your sleep. Notice that advice on (Linux) privilege escalation is not structured. There seems to be no pattern. However, you need to make a recipe that works for you. Next issue we will look at some practical! I will give you a lot more links then. Complaints or comments? Yes, I am a scatterbrain. E-mail us: misc@fullcirclemagazine.org

Erik has been in IT for 30+ years. He has seen technology come and go. From repairing washing machine sized hard drives with multimeters and oscilloscopes, laying cable, to scaling 3G towers, he's done it.

full circle magazine #1 55

contents ^

H O W-TO

Written by Greg Walters

P yt h o n I n T h e R E AL W o rl d P t . 1 0 3

Of all the questions I get about using Page, the one I get the most is how to create a program with multiple forms. The answer to this is really pretty easy, but is not as straight-forward as a user would think, hence the questions. The next question is how do I get the forms or windows to communicate with each other. My good friend Halvard from Norway asked how to have one form read information from another in “real time”. Again, while the answer is easy, it’s not something that most users would try before they ask the question. As most of you know, I act as an So, in this edition, I intend to unofficial support outlet for Page, present a very simple demo to help the GUI designer for Python using understand the process. AND there’s an added benefit in that Tkinter. On average, I spend probably 5 hours a week answering this solution is not limited to a Page GUI program. It can be used questions from users, both brand for any Python program including new to Page and users who have CLI programs. Your imagination is been using Page for years. I also the only limit. help out Don Rozenberg with testing new development builds, So, I thought I’d throw together trying to break it in as many ways a quick demo using Page to show as I can. Once I can’t break it how to deal with both ideas. I’m anymore, Don usually creates a release. It’s a very time consuming going to use Page since the process is much easier to show in a job, but one I really enjoy. GUI, and since the first question is full circle magazine #1 55 quick update on the recipescrapers library that I wrote about last month. Right now, there are 47 different recipe sites that are now supported, 5 of which I wrote for the project. I have a few more sites that I am working on for the project, so that number will continue to grow. Many of the scrapers are dedicated to nonUnited States sites in many different languages. I will probably explain the process of creating your own scraper in a future article.

about dealing with multiple form Page programs.

Below is what the Parent form looks like. I didn’t spend much time on making it pretty and mainly kept the attributes for everything on the form to their defaults where possible.

The project will consist of two Page forms, one called “Parent” and the other called “Child”. The Parent program will launch the Child program and will receive data As you can see, it’s a very from the child. simple form. Two buttons and four labels. The two buttons are named FORM D ESIGN or aliased (from left to right) as btnLaunch and btnExit. There two We’ll create the Parent form static labels (status and received) first. I won’t bore you with the and two dynamic labels, one that is form creation details, I’ll just a simple coloured square which provide a screenshot of the form shows the connection status to the and give you a small amount of child form and one (that shows as a important information about some fancy ribbed box) which has the special attributes of some of the textvariable set as DataReceived widgets. so it can be updated easily by code.

contents ^

HOWTO - PYTHON

This will, as the variable suggests, contain the data that comes from the child form. Before I saved the form, I moved it to the middle-left of the screen. The child form will be positioned to the middle-right side of the screen. btnLaunch has the command attribute set to “on_btnLaunch” and the btnExit has the command attribute set to “on_btnExit”. These are the names of the callback functions for each of the buttons. The only other in the top_level form is the title of “I am Parent”. Next, we’ll design our child program. This one is a bit more complicated, but not horribly so.

As you can see, there is a small simple keypad similar to a “1 0 key” with 3 helper buttons, all in a frame. There is also a label that will display the value of the key presses that has the textvariable set to DisplayLabel. The helper buttons are Clear, Bksp (Backspace) and Enter. At this point the enter key does nothing. There is also an Exit button. The three helper buttons have the command attributes set to on_btnClear, on_btnBackspace and on_btnEnter, which, again, are the callback functions, and the exit button has its command attribute set to on_btnExit. The 1 1 keypad buttons don’t use the command attribute set, since it’s easier to set the callback function, which requires a parameter containing which button was clicked, by using the bind command – which we will see in a few minutes. We’ll set the bindings in the _support module.

THE COMMUNICATIONS M AGIC To communicate between full circle magazine #1 55

programs, we use a shared python file, in this case called “shared.py”. Really apropos filename, huh? This module is imported into both (or as many programs as needed) programs as a standard import… Import shared

The file itself is actually an empty file. There is nothing in it. However, since both of our programs have imported it, they can each read from and write to it. However, you need to be careful to make sure that before you try to read the value of a variable from it, the value must have already been written to the shared module. We’ll discuss this some more when we examine the code.

THE CODE The code for the two _support.py modules will be presented below. It’s presented almost in its entirety. The code for the GUI files won’t be presented,

nor will the .tcl files, however the GUI.py files will be available from the pastebin repository so you can actually run the programs. As always, we’ll start with the imports section for the parent_support.py file. Notice we import child.py, child_support.py, and shared.py import import import import

sys child child_support shared

The next function (below) is provided by Page for us, which is the set_Tk_var function. This gives us the access to the Label that displays the values that are generated by the child program. Next up is the init function. This is the very last thing that gets run within the program before the GUI is shown to the user, so we run any initialization and setup tasks from this function. The top part of the function is already written for us by Page. I always provide the comment box, just to give me a

def set_Tk_var(): global DataReceived DataReceived = tk.StringVar() DataReceived.set('')

contents ^

HOWTO - PYTHON

fires every X milliseconds to take def on_btnExit(): care of just about any kind of # print('parent_support.on_btnExit') # sys.stdout.flush() repetitive task you want to do. You destroy_window() can also create multiple The first two lines of my added ‘root.after’ timers that run First, we set two global reset the coloured square to Red. simultaneously. The basic syntax is: variables, comm1 which is the code, set two variables in the This way, when the child program shared module. That way, when handle for the timer, and LblStat is exited, we will know it visually. handle = root.after(ms, the child program starts up, the which is the alias for our little red callback) variables are already there and can square. Next, we access the shared be written to when needed. We Finally, we “re-arm” the timer In the case above, the handle is module to see if the child process also use those variables in the next called “comm1 ” which lets me is running by checking routine, this time to check 1 00 ms function so they need to be shared.child_active to see if it’s from that point. know that this particular timer is initialized right away. If we don’t, True. This is set as soon as the child used to communicate with the Python will throw an error. Now, we look at the on_btnExit child process. Notice that I set the program starts up. If it is, we set the square colored label to “Green” callback function (shown above). time to 0, which means that the The next thing we do is assign to show that the child process is It’s very simple. We simply call the callback function will be called an alias for the status label, which immediately, and the final running and then we check to see destroy_window() function that is the red square that shows when parameter is the name of the if shared.ReadyToRead is set to will cleanly end the program. The the child program is running and True – which is basically a flag that destroy_window function is callback function. connected to the shared module. says that one of the numeric keys provided by Page as is the Finally, I set up a timer function has been clicked. If it is, we get on_btnExit callback skeleton, since Bottom right is the callback that Tkinter provides called that data, put it into the display we added the callback name in the function code… “root.after”. This is an event that label with the .set() method, and command attribute for the exit clear the ReadyToRead flag, so we button. All we have to do is add def init(top, gui, *args, **kwargs): can wait for the next click event on the line “destroy_window()”. global w, top_level, root the child process. If the w = gui top_level = top shared.child_active flag is False, we Next, we’ll look at the “landmark” to easily find the function. We’ll discuss my added code below...

root = top # ================================================= # My init code starts... # ================================================= shared.child_active = False shared.ReadyToRead = False global LblStat LblStat = w.Label5 LblStat.configure(background='RED') global comm1 comm1 = root.after(0, on_tick)

full circle magazine #1 55

def on_tick(): global comm1, LblStat if shared.child_active == True: LblStat.configure(background='GREEN') if shared.ReadyToRead: DataReceived.set(shared.ChildData) shared.ReadyToRead = False elif shared.child_active == False: LblStat.configure(background='RED') comm1 = root.after(100, on_tick)

contents ^

HOWTO - PYTHON def on_btnLaunch(): # print('parent_support.on_btnLaunch') # sys.stdout.flush() child.create_Toplevel1(root)

btnLaunch callback function (above). This is how we make the child program start. Again, we used the command attribute for the button in Page, so the skeleton is started for us…

Again, we’ll start with the import section. Notice here, that we need to import only the shared module, since we don’t need to call any functions from the parent. import sys

The only line we need to enter here is the last one. Since we have import shared already imported the child.py GUI Top right is the definition for file at the top of the code, we just the label that shows the running need to call the create_Toplevel1 () function. This is the entry point for value from the keypad button the program when it is called from entries. another program. The first thing we do is set up a global variable to hold the Finally, I’ve provided the destroy_window() (below) which is accumulated value of the keypad entries. We then call the function provided by Page, just so you can setup_bindings() that attaches the see it. callback function to all of the buttons of the keypad. Finally, we Now we’ll look at the child set the shared.child_active flag to program. It is a bit more True. complicated, but not overly so. Again, I’m going to provide the Since we are going to pass code here for only the parameters to the callback for the child_support.py module. def destroy_window(): # Function which closes the window. global top_level top_level.destroy() top_level = None

full circle magazine #1 55

def set_Tk_var(): global DisplayLabel DisplayLabel = tk.StringVar() DisplayLabel.set('Label')

Here is the init function from the child program. Again, you can see where my code starts. def init(top, gui, *args, **kwargs): global w, top_level, root w = gui top_level = top root = top # =============================== # My init code starts... # =============================== global valu valu = '' setup_bindings() shared.child_active = True

keypad buttons, it’s much easier to deal with things here (below) than to try to do it within Page through the command attribute.

for when a keypad button is clicked. Notice this must be done from scratch, since Page has no idea of the need for the function.

Now we define the callback routine code (next page, top left)

In the callback, we simply take the value (which is the number of

def setup_bindings(): w.btn0.bind('<Button-1>', lambda e: on_btnClick(e, 0)) w.btn1.bind('<Button-1>', lambda e: on_btnClick(e, 1)) w.btn2.bind('<Button-1>', lambda e: on_btnClick(e, 2)) w.btn3.bind('<Button-1>', lambda e: on_btnClick(e, 3)) w.btn4.bind('<Button-1>', lambda e: on_btnClick(e, 4)) w.btn5.bind('<Button-1>', lambda e: on_btnClick(e, 5)) w.btn6.bind('<Button-1>', lambda e: on_btnClick(e, 6)) w.btn7.bind('<Button-1>', lambda e: on_btnClick(e, 7)) w.btn8.bind('<Button-1>', lambda e: on_btnClick(e, 8)) w.btn9.bind('<Button-1>', lambda e: on_btnClick(e, 9)) w.btnDot.bind('<Button-1>', lambda e: on_btnClick(e, 10))

contents ^

HOWTO - PYTHON def on_btnClick(e, which): global valu if which < 10: valu = valu + str(which) elif which == 10: valu = valu + "." shared.ChildData = valu DisplayLabel.set(valu) shared.ReadyToRead = True

the button) and append it, as a string, to the valu variable. We also check to see if the period key (value 1 0) was pressed, and if it was, then we add the period into the display value. Finally, we put the data into the DisplayLabel through the .set() method, and set shared.ReadyToRead to True, so the parent knows to pull the data.

def on_btnEnter(): print('child_support.on_btnEnter') sys.stdout.flush()

The callback for the Exit button is mostly the same as for the parent, but we also set shared.child_active to False, so the Parent knows to change the status square from Green to Red and not to try to poll.

child_support.py https://pastebin.com/Vg0K1 w5G

def on_btnExit(): print('child_support.on_btnExit') sys.stdout.flush() shared.child_active = False destroy_window()

I hope this article has given you some food for thought that can be used in your own programming.

The btnClear callback function sets the global valu to an empty string, sets data into the shared module and the display label, and then sets the shared.ReadyToRead flag to True.

Until next time, keep coding.

We donâ&#x20AC;&#x2122;t do anything with the Enter button, so we just leave the skeleton for later use (far right). As usual,, Iâ&#x20AC;&#x2122;ve put the code for the programs on Pastebin. You can find the links below: parent.py https://pastebin.com/AZXXvuAU parent_support.py https://pastebin.com/3iBHgCN0 child.py https://pastebin.com/bwZLnkHc

Greg Walters is a retired

programmer living in Central Texas, USA. He has been a programmer since 1 972 and in his spare time, he is an author, amateur photographer, luthier, fair musician and a pretty darn good cook. He still is the owner of RainyDaySolutions a consulting company and he spends most of his time writing articles for FCM and tutorials. His website is www.thedesignatedgeek.xyz .

full circle magazine #1 55

def on_btnClear(): # print('child_support.on_btnClear') # sys.stdout.flush() global valu valu = '' shared.ChildData = valu DisplayLabel.set(valu) shared.ReadyToRead = True

Finally, we deal with the callback for the Backspace button. We simply strip the last character from the valu string, display it, pass it to the shared module, and set the flag so that the parent program will read it. def on_btnBackspace(): # print('child_support.on_btnBackspace') # sys.stdout.flush() global valu valu = valu[:len(valu)-1] shared.ChildData = valu DisplayLabel.set(valu) shared.ReadyToRead = True

contents ^

H O W-TO

U b u n t u An d S e c u ri t y

Written by Erik

ne of our readers, Joe Wong, wanted to know how to set up things like TOR and nmap and the like on Ubuntu. As his questions were too broad to cover in questions and answers, I decided to do a mini tutorial on it. Let us start with the short ones, and work ourselves up to the longer winded ones? Nmap is easy. ‘Sudo apt install nmap’ will do the trick. Should you prefer the GUI, you need to install Zenmap. The nmap website has great tutorials on how to use nmap / zenmap. Documentation here: https://nmap.org/book/man.html I find nmap to be faster and more accurate than angry IP scanner for Linux. There is even a book dedicated to this useful tool. You can read some of it here: https://nmap.org/book/toc.html Similarly, wireshark is available from your repositories, so ‘sudo apt install wireshark’ will fetch it for you, alternatively search in the software centre. If you need a quick primer,

https://www.youtube.com/watch?v sudo nano just type the following =TkCSr30UojM - is a handy link. As /etc/apt/sources.list.d/tor.l ist network traffic analysers go, this is sudo apt-get install tor deb.torproject.org-keyring awesome. If you just want the Add the following lines, torbrowser-launcher basic commands, go here: replacing “bionic” with your https://www.tecmint.com/wireshar version’s code-name: Rootkit Hunter : k-network-traffic-analyzer-forhttp://rkhunter.sourceforge.net/ is deb linux/ https://deb.torproject.org/to not difficult to install and run rproject.org bionic main, and either. Type: TOR comes in two parts, the deb-src TOR network, and the TOR https://deb.torproject.org/to sudo apt install rkhunter browser. The browser installation rproject.org bionic main is as simple as downloading the There is a bit of an ncurses .deb-file from the TOR browser You will also need to add the based setup to go through, but it is website and installing it. The other key: really straightforward. option is to download the .tar-file and extract it to your home folder. curl Once installed, rootkit hunter https://deb.torproject.org/to The compressed file includes a rproject.org/A3C4F0F979CAA22C needs you to edit the launcher you can copy to your DBA8F512EE8CBC9E886DDD89.asc configuration file a bit: | sudo gpg --import desktop, if you like. It is a good idea to keep the folder separate sudo nano /etc/rkhunter.conf gpg --export from your current Firefox A3C4F0F979CAA22CDBA8F512EE8CB installation. The browser manual is C9E886DDD89 | sudo apt-key and make sure MIRRORS MODE=0 add here: https://tband WEB_CMD="" manual.torproject.org NOTE: There are double dashes That’s it. TOR network needs a bit more. before import and export, word It is safest to install TOR from the processors do weird things with Now we get to talk about one double dashes. official repository. To add it, simply of my favourite security tools, edit your sources file. I will use Lynis. So many checks, so little After the obligatory: nano here, but the editor does not time. You can find it here: matter https://cisofy.com/lynis/ sudo apt-get update full circle magazine #1 55

contents ^

HOWTO - UBUNTU AND SECURITY You can download the compressed file and do it all manually, but it is easier from the terminal. Let us grab the key first: sudo wget -O https://packages.cisofy.com/k eys/cisofy-softwarepublic.key | sudo apt-key addâ&#x20AC;&#x2122;

Now: sudo apt install apttransport-https

Followed by:

echo 'Acquire::Languages "none";' | sudo tee /etc/apt/apt.conf.d/99disable -translationsâ&#x20AC;&#x2122;

Lynis is currently at 2.7.5, but you can install as far back as 2.6.6 for Ubuntu 1 4.04.

IF YOU ARE USING IT IN ENGLISH.

Lynis is a tool that needs to be run as root or else it will just skip some of the most important tests:

Now add the sources: echo "deb https://packages.cisofy.com/c ommunity/lynis/deb/ stable main" | sudo tee /etc/apt/sources.list.d/cisof y-lynis.list

sudo lynis audit system

REFERENCES: https://packages.cisofy.com/comm unity/#debian-ubuntu There are other ways to install Lynis, but this is the easiest. If there are any queries on the installation of these tools, or maybe their use, please email us on misc@fullcirclemagazine.org

You know the drill after this: sudo apt update && sudo apt install lynis

full circle magazine #1 55

contents ^

H O W-TO

R a wt h e ra p e e - P t 1

Written by Erik

Wesbsite: https://rawtherapee.com/ Version 5.6 Price: Free!

e have been looking at Darktable in FCM, but know it is not your only choice in photo editing. Today we look at another excellent piece of open source software. It may seem a bit daunting when you open it at first. I know I was lost the first time I opened this. Left to right , we have five panes, the first being the itty-bitty

strip, with your file browser queue. Then browser, main window, another strip, and editor. (In editor mode, we only have four panes). We will be spending our time in the editor. Your keen eye may have spotted that there are little bars with an arrow attached in the menu bars. These are the show / hide buttons. Mouse over may say “i”, “shift-i” and “alt-i”, but the keyboard shortcuts work only once you have clicked these buttons (but not the very first time). This will give you a large canvas to work on. Now that you have hidden all the confusing looking panels,

full circle magazine #1 55

you will find that it is actually pretty intuitive. Mouse wheel, or plus and minus, will zoom. Crop is ‘c’, straighten is ‘s’, and so forth. The very last pane on the right is not a static pane, you will see it actually change as you select different tools. Open the pane, look at it, and press ‘s’. The little blue underline bar moved from the first icon to the fifth, and changed the panel below it. This is what I mean when I say it is not static.

Your homework is to mouse over the different icons and see what they do. The image we will be playing with today (shown below) is: https://www.wesaturate.com/phot o/Xdrk0tiDa2 Please grab the RAW image. The JPEG is this pink processed image. Once you have opened the

contents ^

HOWTO - RAWTHERAPEE picture in Rawtherapee, I need you to open the very right-hand pane again. This is where we will be working. We will start with exposure. You will see that the layout has workflow in mind. To demonstrate how this great application works, we will edit this basic picture. Look at the tone curve. Rawtherapee has already done the heavy lifting for you. However, it may not be to your liking. What I am about to show you is for you to learn post processing. It is not the “best” way, as best is subjective. As long as YOU like it - and maybe your mother – unless you are doing post processing on your pictures for other people, on instagram or facebook, where you are conditioned Pavlov’s dog-style, for likes.

Let’s start with black-and-white. There is a reason there are two triangles with exclamation marks in the top bar. Think of them as ‘clipping’ black and white. You will see eight points marked on your histogram, if you are using the above picture. Too many, I think for a simple image like this. You can remove some by clicking and holding and dragging the point to the very bottom. They should turn

red as you mouse-over them, then, as you drag them off the bottom, the line should snap back. Should you make any mistakes, just click “auto matched tone curve” and it should be reset. From the left, I want you to remove the second and third dot or pin. Also I want you to remove the second-last pin. Your histogram should have only five pins. The image has almost no black, so we can drag the leftmost pin until where our histogram starts rising. Keep an eye on your picture whilst doing this. This should cause the shadow of the yacht to become more pronounced. Bring your rightmost pin a block in also, to help with the bright white in the sky. Now click

full circle magazine #1 55

the two triangles with exclamation points in them in the menu. YUK! you may say. Relax, this is showing you where pure white and pure black exist within your picture, It does not change anything. You can turn them off now. Let me talk about the three sliders above your histogram. Lightness, contrast and saturation are all well and good, but Rawtherapee supports L.a.b. colours as well. In L.a.b., the Luminance can change contrast without saturation. This is important when you need to change the lighting, but keep the saturation the same. If you turn up the contrast to about 35-40, you

will see the water come alive, yet the yacht will become a black blob, which is not ideal. The opposite happens when you turn the contrast down, the life seems to drain from your picture. Contrast in a photo is very important. This gives life and depth to an otherwise mundane picture. I know that sounds weird, but it is true. If you just want to copy what the guy did in the picture above, turn the contrast up full, then go to the white balance icon and drag the red/blue slider all the way to red, and you are done. Back to editing our borrowed photo. The very first slider is “Exposure compensation”. This tool is very sensitive, so use it sparingly. I use the “+” and “-” buttons to adjust mine. Since this picture is into the light, I want to bring mine down, just a little. Enough to keep the detail in the sky. Again, keep your eye on your histogram, as it will move the histogram towards your leftmost cutoff point. Mine is at “-0.20”. I am going to adjust my saturation to about “35” just to make the sun behind the clouds come alive. You may think Rawtherapee is a simple editing program. You would contents ^

HOWTO - RAWTHERAPEE be wrong. Keep your mouse in the right-hand pane and scroll your mouse wheel. Lots more adjustments appear. When you have scrolled to the bottom, you should see “Graduated filter”. Please click on the crosshairs in the very left-top corner of ‘graduated filter’. You should see large crosshairs appear on your photo. Adjust it so that the bottom one aligns with your yacht. Now, next to the word “Graduated filter”, you

will see a circle. Click on it. This will turn the filter on. Notice how the sky darkens, but the water stays the same. You are going to want to rotate this so that the light and dark patches match the angle the sun is shining over the clouds. This helps your brain make sense of the photo, that it does not seem “shopped” - Remember, less is more! I want you to play with the

“Strength” slider. Understand where the light and dark are. Next I want you to increase and decrease the “Feather”. This is the transition distance between the light and dark.

see “Tone Mapping”. Turn this on for instant sharpening. There is, of course, a “Sharpening” section too, but more next month as we explore this excellent application. Party on Wayne, party on Garth.

To get that vintage camera feel, If you would like more on just turn on “Vignette Filter”, you Rawtherapee, please email us on do not have to adjust anything. For misc@fullcirclemagazine.org and our use case here, I am going to let us know. leave it off. If you scroll your mouse up just a little bit, you will Disclaimer: In no way am I an expert in photo manipulation, I just know a guy who had a dog that gave me some fleas. I thought I may help you scratch an itch also.

full circle magazine #1 55

contents ^

full circle magazine #1 55

contents ^

H O W-TO

I n ks c a p e - P a rt 9 5

Written by Mark Crutch

This month and next, I’m going to cover a couple of Inkscape features that have fallen through the gaps in my previous coverage. The first of these, disgracefully, dates back to the 4th instalment of this series, way back in 201 2! In FCM#64, when describing the options in the Fill and Stroke dialog, I wrote: “Also being put off for later articles are the Unset Paint button that looks like a question mark, and the two splodges on the right ofthe Fill tab. ”

To understand what effect these splodges – which are actually a pair of mutually exclusive radio buttons – have on your objects, we’ll need a path to test with. Not just any path will do, however. These buttons have an effect only on paths that are either selfintersecting, or which contain subpaths. Let’s deal with the former to start with: what exactly do I mean by ‘self-intersecting’?

moved around a little.

Notice how the stroke is visible for both arms. If one crossed over The second shape is a selfthe other you might expect the intersecting path. It’s a closed path stroke of the arm on the bottom to that is drawn such that it crosses be obscured by the one that’s on itself, although the word ‘crosses’ top, but that’s not how things work carries a misleading implication in in the 2D graphics world. You’d this case. Remember that Inkscape also expect the colour of the fill to is a 2D drawing program, with no be a little darker where the two notion of the third dimension. So translucent arms cross over, but when making this shape I didn’t that’s not the case either. really move one arm ‘over’ the other, as you would do when It’s also important to note that making the same shape with a Consider the paths below. The the arms don’t have to completely piece of string. Rather I moved it one on the left is just a simple Upass through each other in order The Unset Paint button was ‘through’ the other, in the same 2D shaped filled path. Nothing special, to be a self intersecting shape, and eventually described in part 30 plane. Neither arm is on top of the that the shape could self-intersect no sneaky tricks. Just 1 0 nodes (FCM issue #90), when I covered its forming a shape with a couple of other. Neither arm ‘crosses’ the multiple times, as demonstrated in use with clones. But what of the other. Instead the resultant shape arms. The shape on the right is just these variations on the theme: “two splodges on the right of the simply intersects with itself. a duplicate of the first one, with Fill tab”? For clarity, let’s first take the end of the left arm moved to a look at a screenshot of the Fill Turning on the stroke and the right, and the end of the right and Stroke dialog, in which I’ve reducing the fill opacity makes this arm moved to the left, so the arms circled the splodges. a little clearer: cross each other. No nodes were added or removed, they were just

full circle magazine #1 55

Now we’re all clear on what a self-intersecting path actually is, let’s look at how they’re affected contents ^

HOWTO - INKSCAPE

by the splodgy radio buttons. The first thing to note is that the images so far have all been taken with the second button selected – the one that’s completely filled in. Switch to the first button, and we get this:

idea of in-and-out doesn’t always apply in the world of computer graphics. Instead there are different rules or heuristics for determining whether a point is inside or outside a shape – and the splodgy buttons are used to switch between a couple of those rules. Let’s take a look at paths with subpaths to try to explain why there’s a need for this choice.

When you look at the selfintersecting shapes above, it’s pretty obvious that the fully-filled option (second button) is the right choice most of the time. Imagine trying to draw a figure-of-eight, only to find that the part where the shape crosses itself is unfilled. Definitely better to use the second The basic U-shaped path option, so we’ll ensure that’s remains unaffected. It’s not a self- selected. Now we’re going to draw intersecting path, and it doesn’t a circle with a hole in it. There are a contain any sub-paths, so the radio few ways to achieve this but, to buttons have no effect. All the make a point, I’m going to use a others, however, have no fill very specific method: rendered in the intersecting parts. • Draw a circle for the outside. The stroke is still drawn, but the fill • Draw a smaller circle for the isn’t. inside. • Path > Combine to create a This behaviour is a little complex path, made up of two subconfusing at first. Surely the paths. intersecting parts are inside the shape, so they should still be filled, In this image (above) you can right? Unfortunately our intuitive see the two separate shapes on full circle magazine #1 55

the left, and the result of combining them in the middle. The ‘hole’ in the shape is filled – not really what we were after. Switching to the first button, however, gives the expected result, as shown in the version on the right.

Now we’ve got a simple rule-ofthumb: use the left-hand button for paths with sub-paths, and the right-hand button for selfintersecting paths. But what if we have a path that is both selfintersecting and has a sub-path describing a cut-out? Something like this odd piece of jewelry or alien symbol, shown as it appears

with each of the two splodgy radio buttons selected: On the left we have the problem of no fill in the selfintersecting part, but the hole is fine. With the right-hand button we get a fill in the self-intersecting part, but no hole. Is there any way we can have the best of both options? The answer is obviously ‘yes’, but to get there it helps to understand what the two heuristics are that we’ve been switching between. The first button has a tooltip that reads “any path self-intersections or subpaths create holes in the fill”, and is referred to as the “evenodd” rule. The heuristic for this is pretty simple: • Pick a point in the shape. • Draw an imaginary straight line from that point out of the shape in any direction. contents ^

HOWTO - INKSCAPE

• Keep a ‘crossing’ count, which starts at zero. • Add one to the count each time the line crosses a path or sub-path boundary. • If the final count is even, the point was outside the shape. If the count is odd, the point was inside the shape.

left to right (clockwise from the perspective of the point) or subtract one if the path is crossing from right to left (counterclockwise). • If the final count is zero the point is outside the shape, otherwise it is inside.

From this algorithm and the mention of “counterdirectional” in the tooltip – you may have already worked out that using the second splodgy button (non-zero) lets us switch sub-paths between filled and unfilled by reversing the direction of the nodes. Fortunately for us, Inkscape makes this fairly easy: The second button has a tooltip • Select the composite path and that reads “fill is solid unless a switch to the node tool (F2). subpath is counterdirectional”, and • Select a node in the sub-path. is referred to as the “non-zero” or • Use Path > Reverse to reverse the “winding” rule. This heuristic relies order of the nodes in the sub-path on the fact that each sub-path has without changing the shape. a direction associated with it, and works like this: You can see the effect of this • Pick a point in the shape. approach in the following image. In • Draw an imaginary straight line this case I’ve also added arrow from that point out of the shape in markers to the paths, to clarify any direction. what’s happening. The first image • Keep a ‘winding count’ which is our starting path, created by starts at zero. combining an oval with a self• Each time the line crosses a path intersecting shape. You can see or sub-path, add one to the count from the arrows that the sub-path if the path is crossing the line from is running counter-clockwise. In the full circle magazine #1 55 By performing this for a point in each region of the shape, Inkscape can determine which areas are inside, and therefore need to be filled, and which are outside. But it does result in self-intersections being counted as outside, and left unfilled.

second image I’ve reversed the direction of the sub-path, the arrows point the opposite way, and the shape has a hole for the subpath but not for the selfintersection.

Unfortunately this simple approach doesn’t appear to work in the beta of Inkscape v1 .0, where the Path > Reverse operation reverses the entire path rather than the selected sub-path. The only option in this case is to use Path > Break Apart to split the shape down into its constituent parts, then use Path > Reverse on just one of those paths, then finally use Path > Combine to recombine them back into your original complex path. This is a definite step backwards in the workflow, so I will be filing a bug about this on the Inkscape issue tracker.

works for simple shapes where the nesting of sub-paths isn’t very deep. For more complex arrangements you may need to reverse more than one path to get the effect you want. And if there are also intersections between sub-paths, or self-intersections within them, you may never be able to get just the fill you want, no matter what you try. In those cases you may find it easiest to use the first splodge (even-odd) to fill the entire shape, then create your complex hole arrangement by clipping with a suitably constructed path. It’s worth noting that you might never experience this problem. Punching a hole through a shape is more commonly done using Path > Difference than Path > Combine, and the former usually results in a sub-path going in the right direction. But it’s worth knowing about these splodgy buttons and how to work with them, just in case you ever find yourself presented with a path that contains inexplicable holes or fills where it shouldn’t.

This path-reversing approach

contents ^

H O W-TO

Written by Alan Ward

his series is aimed at learning to make something of the old photos in my possession, and of others in the public domain due to their age. You, the reader, are welcome to tag along and, I hope, glean some small insight and perhaps an idea or two from time to time. No promises are made as to the quality of the content, or potential errors and omissions. I am a computer scientist, not a true artist or a professional of image restoration. So please take all this as a best effort, but with no firm guarantees — much as is the case of most open-source software. In the previous part of this series, we finished up colorizing an 1 9th century black-and-white landscape view of the castle of Foix in Southern France. For today’s part, we will change subjects. We work on an early 20th century image, a studio portrait. Paul Trappen, presented as the world’s Strongest Man, was photographed, and the resulting prints sold as a postcard. The result is now available on Wikimedia Commons at address

Kri t a T o R e wo rk O l d P h o t o s P t . 5

https://commons.wikimedia.org/wi background. The use of large ki/File:Portrait_of_Paul_Trappen.jp surface-area glass plate negatives allowed fine details to show up g. well. Lighting tends to be good in most cases, with a wide range of shades of gray that fill in volumes nicely. This is clearly the case in today’s exhibit, where the sheer mass of the subject’s arms were of interest. However, some areas of his anatomy --the upper chest and arms-- did get washed out a tad by excessive lighting, while the lower face and underarm areas suffer

from a slight lack of light. All in all, we have a rather good base from which to start. Once opened in Krita, an initial assessment with a histogram confirms our impression of a globally balanced image, though with some preponderance of lighter pixels. Darker shades are merely represented by the subject’s briefs. The command in previous versions of Krita to show a histogram used to be at menu

This image shows us some typical traits of an early 20th century studio portrait. Photographic technique had been rather perfected at the time, and subjects were usually presented in a more-or-less contrived --but lifelike-- pose, in front of a suitable full circle magazine #1 55

contents ^

HOWTO - KRITA

option “Layer”, then “Histogram”, then “GRAY/Alpha 32 float”. In newer versions such as Krita 4.2, however, it seems to have migrated as a separated dockable window (“docker”), that can be invoked from menu option “Settings”, then “Dockers”, then activate the “Histogram” checkbox:

different options to see which calculation method suits your image best. In this case, I gave the athlete the “Min” setting, which conserves the lowest (darkest) values while soothing somewhat the (slightly) overexposed areas of skin.

Three superimposed curves representing the red, green and blue components of the image show us the darker colors (in the left-most quarter of the histogram) are slightly lacking, while frequencies rise as we progress towards the right and the lighter shades of each color. This presentation with individual colors separated makes us aware that there is some imbalance between channels, with more yellow and a touch of extra red towards the extreme right. This is easily seen in the original image, with its sepia (reddish-brown) tinge. This is the first alteration we will need to make, to obtain a truly neutral base on which to start working. To reduce the colors in an image, in Krita there is a handy tool called “desaturation”: select menu option “Filter”, “Adjust”, then “Desaturate”. Then try out

I then created a new layer, converted its use from “Normal” to “Color”, and then painted in some basic skin color. This technique of merely superimposing a new layer instead of altering the original has its uses, which will become full circle magazine #1 55

apparent later on. For the background, since we cannot really know what tone backdrop the original studio used, we can only make a reasonable supposition. I went for a rather neutral blue, since that would have given the subject an impression of sky -- even though he would have known full well that the exact color would not appear in the photograph.

careful on the boundaries between these colors. Other color limits are not important just yet, since we will need to paint in further colors for details. But, precisely which colors do we need to use? Without any supplementary information on the subject, we are incapable of knowing what was the color of his hair or eyes, what colors were used for the ribbons of the medals, or even what metal these were made of. With a bit of creative imagination, and keeping to the domain of reason as closely as

Just these two simple tweaks already give a more lifelike impression than the original. However, we do need to get these first main colors just right. Also, be

contents ^

HOWTO - KRITA

possible, I opted for reddish-tolight-brown hair, brown eyes, and a mix of basic colors for the ribbons. With some application, we can get to a result similar to this one. I have been using both the standard “basic-1 ” brush, and the “airbrushsoft” airbrushes, with small sizes down to 5 pixels. At times, lowering the brush opacity has been of help to do finer details such as, for instance, the subject’s eyebrows. Do not forget details such as the subject’s nipples, which are not quite the same flesh color as the skin around them.

Once we have these basic colors put in, it is a good time to stand back and take a global view of our image. So far, so well, as it is clearly more realistic than the original sepia-toned black-and-white. However, there are a couple of points that need to be improved. In the first place, the subject is clearly of German origin, so the rather dark complexion is not very realistic. A reddish tint would, perhaps, be more typical of people from Northern Europe, specifically when, as an athlete, the subject

full circle magazine #1 55

would have spent some time out in the open. To solve this setback, I put in two more layers. One went between the original image and the color layer, and was set to “lighten”. On it, I lightly airbrushed some white (using 20% opacity) on the darker parts of the subject’s face and hands, thus removing part of the shadows that the original photographer had left due to his lighting solution. The second new layer was set up on top of the color layer, as a separate “normal” layer.

On it, I airbrushed --also, lightly-some red on the same spots. Thus, we get a slightly reddish tinge to facial shadows, and on the arms and hands. Some observations of modern, color, photographs show that this is more “normal” when the subject is a person with a lightcolored skin tone. The other problem can be related to the texture of the photographic paper originally used to print the image. When the postcard was photographed digitally in modern times, the relief on the surface of the paper shows up as a fine corrugation mark, present on the whole surface. It is not especially problematic on the blue background since the backdrop used would have been made of some cloth, and could very well have had some texture to it. But the end result is not very realistic on bare skin, or the metal of the medals. To remove this texture, I worked only on the original image, leaving the color layers as they were. In Krita, there is a tool to do this: choose menu option “Filter”, “Enhance”, then “Wavelet noise reducer”. This has been specifically made to reduce periodic noise contents ^

HOWTO - KRITA

effects in the image. I got good results with a threshold setting of 20, up from the default setting value of 7. The tool cannot get rid completely of the texture without erasing some of the image details, but if used with care can eliminate most of the paper texture. The final image can then be cropped to suit, and compared to the original: Big Paul now almost seems real once more. Interested readers may wish to download this photo, and try their own combinations of colors. Which are the most realistic, taking into account the geographical context and time period? In the next part of this series, we will be working on another portrait -- but this one will not be a photographerâ&#x20AC;&#x2122;s work from the early 20th century but, rather, a very typical effort from the late 1 970s when technology had changed and color photography had become more commonplace. Until then, take care!

Alan holds a PhD. He teaches comp

sci and eng at Escola Andorrana de Batxillerat. He has given GNU/Linux courses at the Uni of Andorra and taught GNU/Linux systems admin at the OU of Catalunya.

full circle magazine #1 55

contents ^

by: ErikTheUnready

full circle magazine #1 55

contents ^

L I N U X L O O P B AC K

n om a d BSD

Written by S. J. Webb

ome very interesting events are circulating within the BSD world. Hyperbole is turning to a hardened fork of the openBSD kernel for development. Project Trident left FreeBSD to use Void Linux as their base. Apparently the Linux kernel is being too “wontoon” for security, whereas FreeBSD is difficult for device management.

I attempted to install nomadBSD previously, but my thumb drive failed to launch on my laptop. The installation instructions seem pretty straightforward, but I’m positive I did something incorrect during setup. I am excited to see nomadBSD on the scene. It can be a viable option for any laptop since it can detect hardware. I only see

about four more columns touching the world of BSD. One will be focused on nomad and MidnightBSD, Project Trident and HyperbolaBSD, and the other minor BSD variants.

These two events point towards the intrinsic problem with Linux and BSD kernels and the associated attitude within each community. So there are a lot of items to consider in the future for both operating systems. Do you choose one that is difficult to install? Or do you choose the one that is easy to install, but insecure? While pondering on this question, I came across nomadBSD. It is based on FreeBSD. It is a persistent live system for thumb drives. It is pretty light on the hardware requirements. And might be a possible alternative to consider for the varying BSD OS on the scene.

SJ Webb is a researcher coordinator. When he is not working, he enjoys time with his wife and kids. He thanks Mike Ferarri for his mentorship.

full circle magazine #1 55

contents ^

EVERYD AY U BU N TU Person a l I n fo M a n a g em en t Pt3

Written by Richard Adams

ast month, we got started with the Thunderbird Address Book to help us with basic contact management. This month, we’ll look at managing our calendar using the Lightning extension for Thunderbird. This is all in service of the common New Year’s resolution to become more organized in the upcoming year. Thunderbird’s PIM, or Personal Information Manager, capability can be a big help with that goal.

other things we might want to keep track of in our personal calendars. Unlike Microsoft’s Outlook on Windows, Thunderbird does not have calendaring built in. Fortunately, the Lightning extension was developed to address this, and is an important addition to Thunderbird’s Personal Information Management capabilities.

Go to the Tools menu up top, then click Add-Ons. If you are on a current version of Thunderbird, click Browse all add-ons. A web browser window will open:

an older version of Thunderbird and did not find it convenient to upgrade right now, so I had to take an extra step. I went to View older versions on the Thunderbird Addon web page, and found the version that matched Thunderbird 52.2.1 . I then downloaded the XPI format file and saved it to my Download folder.

I NSTALLING LIGHTNING

B ASIC CALENDAR M ANAGEMENT: LIGHTNING EXTENSION FOR THUNDERBIRD

To install the Lightning extension to Thunderbird, we’ll need to launch Thunderbird first. Go to the Dash (first icon on the Launcher, the strip that runs down the left side of the screen), and A challenge many of us face – as type in Thunder. That should be we age and have health issues (or more than enough for the Dash’s sometimes as just a function of our search capability to bring up Thunderbird. Click to launch it, and personal circumstances, rather than age) – is the need to manage you’ll get your Thunderbird email client. our personal calendars for such things as keeping up with doctor’s appointments. Of course, the same principles also apply for work, for anniversaries and birthdays, for personal plans, and for a myriad of full circle magazine #1 55

Search for Lightning in the search box at upper-right:

Then, I had to go to Thunderbird’s Add-Ons under Tools again and select Extensions:

You can click Download Now to start the installation. Now, I have

contents ^

EVERYDAY UBUNTU - PIM Click the Gear icon at the top YOUR N EW THUNDERBIRD and select ‘Install add-on from file’. Navigate to where the XPI file was I NTERFACE saved and double-click it. The AddOn Manager will now install the add-on. This is good to know for other installations, as XPI format files are commonly used for AddOns found outside the official Thunderbird support pages. You will want to click Install Now on the dialogue box that comes up:

After the installation of the add-on, Thunderbird will prompt you to restart the application. Once you’ve done so, you’ll see a new pane to the right showing your current day’s events and appointments: Press Keep at the bottom to let Thunderbird know you want to continue using the Lightning addon. Click the X on the Add-On Manager tab to shut it down and return to the main Thunderbird interface, which will still have the new Lightning pane:

personal calendar by clicking New Event in the upper right and fill in the information for your event as appropriate: Next month: Connecting Lightning to Google Calendar.

Add new events to your

full circle magazine #1 55

Richard 'Flash' Adams spent about

20 years in corporate IT. He lives in rural northwest Georgia, USA, with his adopted 'son', a cockatiel named Baby.

contents ^

U B P O R T S D E VI C E S

Written by UBports Team

COMING SOON

1 D. Provided by Stamus networks, ready to use Suricata IDS/IPS ecosystem. 2A. Try it, this could be fun too? 3D. Sponsored by the state of Cuba, based on Ubuntu. (Previously based on Gentoo). 4A. “Linux for the lazy Slacker” when you see the bonsai tree you will know. 5D. Debian... with XFCE, made to look like warty warthog. 6A. Like a Japanese meal, based on 2A. 7D. Discontinued BSD distro for SPARC and x86. 8D. You can suck it... 9A. What monks do... 1 0A. Like the Pagani mid engine sports car... 1 1 D. Eyecandy German OS that may come from Alpha Centauri. 1 2A. A Linux school project client. 1 3D. Jennifer Saunders would say it's “fabulous”. 1 4D. Resurrection of Cub Linux. 1 5A. Home entertainment system built on Linux. 1 6D. Not the programming language or Taylor. 1 7A. Just enough OS for Kodi. 1 8A. Goes well with Lamb. 1 9A. Where Enlightenment marries Deabian.

full circle magazine #1 55

contents ^

full circle magazine #1 55

contents ^

M Y O PI N I O N

Written by Wil Lake

his article covers my experience (so far) of Ubuntu 1 8.04 – including when I purchased a new Dell laptop at the end of 201 9. Specification = Inspiron 1 5.6 inch model 3581 , with 8GB RAM, Intel 7th Gen Core i3 Processor + Tray load DVD device. As you will see, my first introduction to Ubuntu 1 8.04 was quite drastic.

day basis, without administration rights, so that I could not inadvertently issue disastrous commands.

N e w To U b u n t u 1 8 . 0 4 overcome the problem.

The boot up process was trying to use the Extensible Firmware Interface (EFI) and, due to my lack In 201 7, the laptop generated a of understanding, I tried to find fault that was fixed by Dell; on its information from the web as well return it had the new Ubuntu 1 6.04 as purchasing ‘The Official Ubuntu installed. When Ubuntu 1 8.04 was Book’, but had to revert back to released, I read up about it and booting up using Basic thought that I could investigate it Input/Output System (BIOS) and by booting the 1 8.04 version from Master Boot Record (MBR). A BIT OF BACKGROUND. a USB stick, as there was no DVD/CD device on my laptop. So I waited until I could afford For what seems like forever, I to purchase a new computer with used an HP laptop running reviewing a number of Ubuntu 1 8.04 already installed. Windows Vista, not updating to 7, webAfter explanations of how to run 8, or even Windows 1 0. When the from a USB stick, I attempted to B ACK TO THE NEW LAPTOP hardware was getting very slow, make a bootable Ubuntu 1 8.04 USB my thoughts were ‘If I have to stick. In the end, I had to use both AND U BUNTU 1 8.04. learn Windows 1 0, why not learn Ubuntu 1 6.04 and Windows LINUX?’. After some investigation, I the When the new Dell computer Vista laptops to get a bootable determined that Ubuntu looked to USB stick. Finally, the Ubuntu 1 8.04 was delivered, the Ubuntu 1 8.04 be the best for a home user to software install process asked if a opened up on my Dell laptop learn. recovery disk was required – which screen. After my review, I then found that I could not get back to I confirmed, thus the operating I purchased a Dell laptop in system setup started. Other using my laptop in version 1 6.04, 201 6 running Ubuntu 1 4.04, and requests asked for user account(s) unfortunately, I could not started to understand that Ubuntu but, update to 1 8.04 either. Something to be set up – and I found that all could be very useful. Due to my accounts now have to have gone wrong with the GRUB2 lack of Linux experience, I set up a had passwords, and the Guest account file, whatever that was, and Standard user account, without was no longer installed as part of whatever I tried I could not any password, to use on a day-tofull circle magazine #1 55 45

the operating system. After Ubuntu 1 8.04 was up and running, I wanted to check if there were any updates available / required and found that by opening ‘System Settings’, then looking under the heading ‘Details’, there was the option ‘Check for updates’. Over a few days, and on a number of occasions, I clicked on this option and was told my system was up-todate – which I found strange! Due to my previous experience with Ubuntu 1 8.04, I was interested in finding out how the hard disk had been configured. While trying to get my old 1 6.04 laptop to boot, I found GParted Partition Editor very useful, so tried to run it under 1 8.04. Unfortunately I could not find it, so I looked on the web to be told that there were two ways to install GParted, either using ‘Ubuntu Software’ or using ‘sudo’ at the command prompt in a terminal window. contents ^

MY OPINION

The ‘Ubuntu Software’ could not find GParted and the only way I could install it was to use ‘sudo’ commands at a Terminal prompt. The commands installed, checked, and started the GParted Partition Editor. What also happened was that a window opened automatically stating that there were 1 8.04 Software Updates required. Why had the ‘Check for updates’ informed me that the system was up to date? During the download of over 800MB of data, another window opened with the title of ‘What Do You Want To Do About Modified Configuration File GRUB = /tmp/grub.BcD6fzbae1 of configuration file /etc/default/grub is available, but the version installed currently has been locally modified’. (Aha, that file called GRUB again. Pls note I had not modified this or any other files). There were a number of options offered, the one that I clicked on was [Show a side-by-side difference between the versions]. The screen closed and I was expecting the two files to be displayed, but the software updates continued without any

other warnings / options, etc. As expected, at the end of the updates, the system needed to be restarted. After looking around the desktop of Ubuntu 1 8.04, I could not find anywhere to display the battery status on the menu bar as a percentage. So back on to the web.

‘Supper’ key (a.k.a. Windows key). I now appreciate that the operating system has to be rebooted to see new installed items listed under the Installed heading in Ubuntu Software. I also note that each user has to update their desktop environment.

My next tasks will be to install a few more of the applications that I I found that one needs to install have used in the past. GNOME Tweaks to be able to display the battery status on the top menu bar. The screens that are displayed when Ubuntu 1 8.04 is up and running are known as the desktop – which is controlled by the GNOME manager. Apparently there are a number of different desktops available for the Linux operating system. To install GNOME Tweaks, we are back to using ‘sudo’ commands at a Terminal prompt. In the fullness of time, I hope to understand why, after using the ‘sudo’ commands at a Terminal prompt to ‘install’ the GNOME Tweaks, one has to install the application a second time when trying to open the application with either the ‘Show Applications’ or full circle magazine #1 55

Wil Lake is a retired time served

mechanical engineer who retrained as an IT engineer when Microprocessors entered the mainstream. He has worked in the IT industry for over 30 years, lives in the Cotswolds England UK, and has spent years renovating a cowshed.

contents ^

H O W-TO

W ri t e F o r F u l l C i rc l e M a g a z i n e

Written by Ronnie Tucker

G UIDELINES

he single rule for an article is that it must somehow be

• Images should be JPG, no wider than 800 pixels, and use low compression.

linked to Ubuntu or one of the • Do not use tables or any type of many derivatives of Ubuntu bold or italic formatting. (Kubuntu, Xubuntu, Lubuntu, etc).

RULES • There is no word limit for articles, but be advised that long articles may be split across several issues.

If you are writing a review, please follow these guidelines :

• For advice, please refer to the

When you are ready to submit your article please email it to: articles@fullcirclemagazine.org

http://bit.ly/fcmwriting

TRANSLATIONS

• Write your article in whichever software you choose, I would recommend LibreOffice, but most importantly - PLEASE SPELL AND

If you would like to translate Full Circle into your native language please send an email to ronnie@fullcirclemagazine.org and we will either put you in touch with an existing team, or give you access to the raw text to translate from. With a completed PDF, you will be able to upload your file to the main Full Circle site.

Official Full Circle Style Guide :

GRAMMAR CHECK IT!

• In your article, please indicate where you would like a particular image to be placed by indicating the image name in a new paragraph or by embedding the image in the ODT (Open Office) document.

full circle magazine #1 55

REVIEWS G AMES/APPLICATIONS

When reviewing games/applications please state clearly: • • • • • • •

title of the game who makes the game is it free, or a paid download? where to get it from (give download/homepage URL) is it Linux native, or did you use Wine? your marks out of five a summary with positive and negative points

H ARDWARE

When reviewing hardware please state clearly: • • • • • • •

make and model of the hardware what category would you put this hardware into? any glitches that you may have had while using the hardware? easy to get the hardware working in Linux? did you have to use Windows drivers? marks out of five a summary with positive and negative points

You don't need to be an expert to write an article - write about the games, applications and hardware that you use every day. 47

contents ^

R E VI E W

Q N AP N AS

Written by Erik

Review: QNAP NAS Website: https://www.qnap.com

have ever battled setting up your Ubuntu server with SAMBA and DLNA, etc, this may be for you.

Price: $500-2000 (depending on the model)

THE U NITS:

From the web page: QNAP Systems, Inc., headquartered in Taipei, Taiwan, provides a comprehensive range ofcuttingedge Network-attached Storage (NAS) and video surveillance solutions based on the principles of usability, high security, and flexible scalability. QNAP offers quality NAS products for home and business users, providing solutions for storage, backup/snapshot, virtualization, teamwork, multimedia, and more.

I have mostly been installing two- and four-bay NAS units as most of my clients use it for backup rather than all of the other built-in features. That said, there are bigger units available, six- and eight-bay NAS units are not uncommon. The feature set is quite extensive. The units have a

metal chassis covered by a plastic shell. They are not meant to stack, but will sit on top of each other without an issue. The units also ship with two network ports, so connection is a breeze. The power supply is not built in, rather it is a laptop power supply, so the units are not heavy. The shell comes in more than just black, so you can put it on a shelf in the office and it will blend right in. As with most NAS boxes, you have to buy your own drives, so do

your sums before purchase. The units do not have an abundance of RAM or CPU power, but it handles encryption and other tasks seamlessly.

SET UP: You have two options here, once you have screwed your drives to their caddies and clicked them home. You can use the software provided, or you can configure it via a web page, if it is on your network. You can have your drives

have been adding a lot of QNAP NAS products for clients in the past two years, and I thought I would share my experiences with you. If you already have a NAS set up, or your own server, you can probably skip this article. The QNAP NAS, however, is fully loaded with features, so if you full circle magazine #1 55

contents ^

REVIEW

separate, or in a RAID configuration. Because it is Linux under the hood, you can have logical volumes set up. Setting up accounts and permissions is very simple and straightforward, and there is an overview (dashboard?) to see who can do what. Adding applications is like using the Ubuntu store, you pick one and install it. QNAP have also made management from the internet easy with a handy QR code on the outer shell. Everything is very intuitive, but help is never more than a click away should you get stuck. Setting up the NAS is really a pleasure, and I would encourage you to poke around, as everything has tool tips and hints and you cannot really break it at setup time.

U SAGE: As previously stated, my client’s main use is backup. Since Qbackup is provided free of charge, this alone can justify the purchase of one of these units. Qbackup is a basic solution, but gives you everything you could need including email notifications for home users and small business users. The unit also has USB ports

if you want to connect another USB drive to it, to back up your data, should you wish to. The unit is also an excellent music server and photo repository, integrating with your computers and mobile devices on the local network and even across the internet. The interface is reminiscent of an Android tablet, so anyone should be able to use it. Once you have it set up the way you like it, the only time you will ever interface with it directly would be to update firmware or add new features. Once it is working, it will get out of your way and operate flawlessly. The tiny fan is really quiet and there are only two small LED’s, so you do not have a disco going at night. (Unlike other brands like Synology where you need sunglasses at night to counter all the blinking lights).

THE APPLICATIONS: These guys have literally thought of everything. There are applications in the store for music streaming, video streaming cloud storage, torrent seed boxes, Plex servers, etc etc. You actually have to have a look at all the options to comprehend it. All these full circle magazine #1 55

applications are add-ons to your NAS that extend its usefulness and value, not only to the home user but also to the business user. I have still to see if the enterprise class devices have the same add-ons available, but I have not used any of those.

THE ‘APPS’: As my iPad is out of date (I do not plan on updating it as Apple just introduces slowing down routines to force you to buy new), I can not comment on AppStore applications, but I will endeavour to talk about the Android ones here. Mostly I use Qmanager and Qfile. The first to manage the device and the second to check on backed up files. Now you can also use your NAS for other things, like streaming music and video, backing up your mobile devices, or CCTV footage storage. Just like the joke, I can say: “there is an app for that!”.

writing, more than 20 QNAP ‘apps’ for Android. Almost every use case is covered and the ‘apps’ are updated regularly.

Pros:

• QNAP provides lots of Android ‘apps’ for you to interact with your NAS when you need to. • The units are under active development and new firmware is pushed out like clockwork. You can do a firmware upgrade via your mobile via the internet. • The applications are constantly being improved and they too see regular updates.

Cons: • If you have power issues, there is no way to do a disk check remotely. • If you have not logged in for a while, you will get locked out until you confirm via email. • The unit has a horrible shrill tone when there is an error (or it reboots), so keeping it in your bedroom or office can cause quite the heart attack when it is quiet.

Do yourself a favour and open the Google Play store on your Android device and search for QNAP. There are, at the time of

contents ^

LE TTE RS

If you would like to submit a letter for publication, compliment or complaint, please email it to: letters@fullcirclemagazine.org . PLEASE NOTE: some letters may be edited for space.

Join us on: goo.gl/FRTMl

facebook.com/fullcircle magazine twitter.com/#!/fullcirclemag linkedin.com/company/fullcircle-magazine ubuntuforums.org/forum display.php?f=270

FULL CIRCLE N EEDS YOU ! Without reader input Full Circle would be an empty PDF file (which I don't think many people would find particularly interesting). We are always looking for articles, reviews, anything! Even small things like letters and desktop screens help fill the magazine. See the article Writing for Full Circle in this issue to read our basic guidelines. Have a look at the last page of any issue to get the details of where to send your contributions. full circle magazine #1 55

contents ^

Q &A

Compiled by EriktheUnready

elcome back to another edition of Questions and Answers! In this section, we will endeavour to answer your Ubuntu questions. Be sure to add details of the version of your operating system and your hardware. I will try to remove any personally identifiable strings from questions, but it is best not to include things like serial numbers, UUID’s or IP addresses. If your question does not appear immediately, it is just because there is such a lot, and I do them ‘first-come-first-served’.

If you have a Linux question, email it to: questions@fullcirclemagazine.org , and Erik will answer them in a future issue. Please include as much information as you can about your query.

ack in the day, we didn’t have Sean Connery... oh wait, we did. What we didn’t have was high speed internet, so, when this newfangled technology rolled around, there were some people who saw an opportunity to use it for good. They installed a 9600baud modem in a PC to be able to do accounting and stock-take in one location. The PC was wrapped in metal, with a keypad and tiny green display. It was sold as a till and accounting system. However, the units were installed in places where the humans were an issue, so the

engineers came up with a plan to change the pin layouts of the phone jacks, and the cables for the modems. Because lightning on the telephone lines damaged the modems, they needed someone to go replace them, if faulty. Enter yours truly. Arriving at these stores, usually in high streets, carrying tools and replacement parts, after pushing through throngs of people, I would often find no fault. Turns out, the employees wanted to use the phone jacks to make free phone calls. Failing to do so, the pins not being standard, they would leave it unplugged, hoping a technician would arrive and tell them how to make free phone calls. What I am trying to illustrate here is: there is always the human factor. Have you checked the human factor before posting on a forum or chat?

inch TV that I have connected, but some things are just too small to see. I wear spectacles already. My media PC is actually an old laptop connected to my TV via VGA port, not HDMI.

: I understand the part of not wanting to reload in 9 months. If you use a laptop, do you have an external mouse and keyboard attached to control it with? If so, why not use the mouse wheel and left ALT to zoom in when having to read or type, and zoom out again to watch your movie? It will zoom to your pointer. You can make your pointer bigger in settings > mouse > themes > cursor size.

How do I do wa -la? I have Q :man, but no entry. I posted

the question to stack exchange : I have Xubuntu. I have been and the answer was to sudo thinking of going to Disco Nautilus and navigate wa -la. Did Dingo for fractional scaling, e.g he mean ls -la? I would like to 1 .25x. Deepin looks like it supports retrieve file from a standard it, and maybe KDE too. Can I account I can’t log into. I need to backport it to 1 8.04? I have a 50 type some commands in terminal

full circle magazine #1 55

or go through the files app to access the file.

: I have never heard of wa? It could be ls – la. I would suggest the find command. EDIT: I think I found your post ! What the guy was trying to say was VOILA! (wa-la) :D

installed Ubuntu 1 9.04 on Q :myI'veThinkpad. But I can't use

my touchpad? Ubuntu can see it, so it should work. I am using an external mouse atm, so it is not a big deal. Can you help me? This is my output: $ xinput list Virtual core pointer id=2 [master pointer (3)] Virtual core XTEST pointer id=4 [slave pointer (2)] Microsoft Microsoft® Nano Transceiver v2.0 id=10 [slave pointer (2)] Microsoft Microsoft® Nano Transceiver v2.0 id=11 [slave pointer (2)] ETPS/2 Elantech Touchpad id=15 [slave pointer (2)]

contents ^

Q&A

: Two questions: is it enabled in your settings panel? Do you perhaps dual-boot and maybe use software on the windows side to turn it off? (I am assuming you have tried the shortcut keys on your keyboard to try and turn it on again).

Office package is best? Q :I Which have heard a lot of hype surrounding WPS Office.

: Best is subjective, but I am glad for this question. You see last week I lost the WHOLE Q&A section due to an issue with OnlyOffice, so I am back to LibreOffice again. For bog standard letters, any of them will do. I will address WPS Office first as it was your question. WPS Office has a free and paid option. The free option is slightly crippled (like OnlyOffice too). WPS office is not open-source. Though the program is a pleasure to use, it phones home all the time, which is the part I do not like. If you install it offline and use it offline, it is quite fine. For features such as versioning,

you cannot beat the price of LibreOffice (though it may look outdated.)

a dual-boot (windows Q :1 I0have and Ubuntu 1 8.04)

machine. I have 3 partitions, one for windows, one for Ubuntu, and one for both. I just formatted that partition as NTFS from windows, I could only see it from Ubuntu. I : I have bought a new laptop could not write to it. Then I with Windows1 0 preinstalled. I formatted it using Ubuntu. After have tried it and hated it. There is that I could read and write using no control, and it installs crap I Ubuntu. Then, I saved a file on it don’t want and never asked for, using windows. Then I was back to and what even are these sh#tty square one. What can I do? With “suggestions” ? My problem is that best regards. this laptop is tiny and has one USB port, no DVD drive. How do I install Ubuntu? No dual-booting please. : Actually, you have many Wipe this crap off the face of the options. Shutting down earth. windows by holding down the SHIFT key when pressing the shutdown icon. This shuts windows : If your laptop has a card down and does not leave reader slot, you can create a filesystems in use. (Hibernating). bootable disk on an SD card and Turning off hibernation install from there. I am assuming completely. Etc. But all the fixes the USB port is in use. On windows, are all on the Windows side. you can use Rufus to make it, and on Linux, Balena Etcher. I am not going to hold your hand through : I have a failing SD card. I want the install, but point you here: to save as much as possible. I https://tutorials.ubuntu.com/tutori heard that Gparted has ‘attempted al/tutorial-install-ubunturescue’, and dd will make an image desktop#0 of the card. Which is best?

full circle magazine #1 55

: This time I can say neither. Can I suggest you look at photorec (not just for photos) before you clone the SD card? Recover as much with this utility before you do the other ways you have heard about, and maybe use ddrescue instead of plain dd.

Is there a way for me to Q :extract audio from a youtube video?

: Yes! One way is to use an online converter, there are many of those, or youtube-dl, or even VLC!

Hello. I switched from Q :Ubuntu to MX to see what the

fuss was about. It seems to be a storm in a teacup. I can’t seem to install any of my favourite software, it’s just not found? I can’t uninstall stuff properly as there is no software centre to uninstall stuff like flash that I don’t want. It feels like a relic from a bygone era.

: Your question? (Switch back to Ubuntu, or try Voyager). contents ^

Q&A What is this sorcery? I Q :installed the latest iso and

now my laptop won’t charge in ubuntu. It remains or runs down, never up. I tested in windows and it does charge. I don’t even know where to start looking.

and, once installed, run: sudo nethogs - IF you have more than one interface, you need to specify which one.

So, after updating from Q :Ubuntu 1 8.1 0 to 1 9.04, Xfce : Desktop sounds being back is Q terminal can not be started from great for home, but not for the Panel. "Failed to launch

preferred application for category TerminalEmulator. Failed to : Usually the fault is at Microsoft’s door. In Windows, execute child process /usr/lib/x86_64-linuxdischarge the battery completely gnu/xfce4/exo-1 /exo-helper-1 (No and charge it full again, or do a battery calibration with the vendor such file or directory) Directory software. Now boot to Ubuntu and exo-1 does not exist." This error is popping up everywhere. What try again. Also see if it charges went wrong? when you turn the machine off. Update your machine BIOS and the Linux kernel. Uninstall TLP, if : I cannot say what went installed, and try without it. wrong, but I can tell you that the error tells you what is wrong. Open a terminal and type: sudo apt install libexo-1 -0 : Hello friends. How can I see what is eating my bandwidth? Here in India it is a problem. I need to tell who is the problem. : How can I get night light from Ubuntu Gnome to Xubuntu? The bright screen really messes : Hi, run: with my eyes and my roommate is complaining about his sleep sudo apt install nethogs patterns.

: There are two options: 1 . Redshift, 2. F.lux.

full circle magazine #1 55

work. Where can I kill it?

: Install dconf editor then gnome > desktop > sound and make it false.

I moved from Gnome to Q :XFCE. I am a bit shaky on my

I have a new PC Windows 1 0 Q :64-bit, AMD Ryzen 3 2200G,

with Radeon Vega 8 Graphics, 8.0 GB RAM, Motherboard MSI B350M PRO-VDH. When I installed Linux Ubuntu 1 8.04, all was OK, as usually in the past. When I restarted, the PC had a crash. When I installed Windows 1 0 Home after restart all was OK. Could you explain me why Linux is for this HW forbidden? How can I find out it in advance? In documentation of producers, I did not find it. Thanks for solving.

: Right, nothing is forbidden, though MSI is known to be a Windows-only house. I think you can try Ubuntu 1 8.1 0 or 1 9.04 rather, as the problem is Ryzen CPU support. The Ubuntu 1 8.04 image you are booting from may be too old? Have you tried Ubuntu : I do not have a definitive 1 8.04.2? Also, see if there is answer for you other than the updated firmware or BIOS for that mouse’s Linux support is lacking. motherboard. If you would like to You can try to get a driver from the know in advance which hardware is manufacturer. Consider yourself Ubuntu certified, you can check lucky, mine does not even see my out this web page: mouse’s battery. https://certification.ubuntu.com/d esktop/ feet. I see the battery indicator shows my wireless mouse battery, but it remains on 75% even when new or flat. I don’t recall this in Gnome.

A 53

contents ^

Q&A I have installed Anki on Disco Q :Dingo. I use it for uni. However, itâ&#x20AC;&#x2122;s not working. I need to get going soon.

: You are going to have to build it from source. The version by Ubuntu is too far behind. (If you do not know how, mail me back and I can walk you through it).

virtualbox Q :andI haveaddedinstalled the Ubuntu ISO file as a fake CD. It boots quite fine. Why would I need to install it?

: Running from a live DVD / ISO is also fine. If you want to know why you cannot run it live, you can, by all means! That is one of the software freedoms you have with free software. Unless I am understanding your question wrongly.

full circle magazine #1 55

contents ^

U B U N T U G AM E S

As c i i c ke r

Written by Erik

To actually test in your browser, simply load the page and press the arrow keys. You can also use W,A,S,D. Q and E rotate the Current version : y2 [You can see previous incarnations by replacing camera. The space-bar jumps. You can even click the character around y2 with y1 or y0. You can see previous versions in the X-range by with the mouse. There is a lot of attention to detail; for instance, replacing the y2 with say, X1 3]. when your character enters the water, he will go deeper until he o you spend a lot of time at the terminal? Are you used to swims. You can collide with seeing “yourself” as an @-sign? Do objects, and there are basic you like ASCII games? Well, then you may drool over this. This is the geekiest thing I’ve seen in a while. The whole thing is rendered in text. When I say “whole thing”, I mean a 3D world! Forget Zelda. Website: http://asciicker.com/y2/ Author: Gumix

shadows. There is no story yet, and y2 is to show off the falling-down animation, so, if it bothers you, choose y0 or y1 . Don’t think this is a flash-in-thepan though; there are development tools for this “game” that, they say, will be opensourced. Be aware that it is not open-sourced yet. I use “game” in quotes as this is more of a proof-

of-concept at the moment. New things are implemented in every version. X1 3 brought us some “crazy semi-procedurally generated map”. There is even terrain now. If you go down to the pond, you will slide down the “embankment”. When you go to the boat, you can fall off the rocks. As you can see in the latest incarnation, the “game” is leaning towards a medieval RPG, with

When I think of DOS ASCII games, I usually envision ZZT-type graphics with that horrible smiley face. This takes ASCII to the next level. When I say next level, I mean there is even a multi-player mentioned! The rendered text is fed to a Javascript engine and turned into 3D. This means you play in a browser, but there is footage of it being played in a terminal, kiTTY. (Whoo-hoo!). full circle magazine #1 55

contents ^

UBUNTU GAMES - ASCIICKER swords and armour.

You can follow the project on Cyclone https://en.wikipedia.org/wiki/Cyclo Reddit https://www.reddit.com/r/asciicker ne_(video_game) /new/ Go on, what are you waiting for? Go try your hand at ASCIIcking!

This has really sparked my imagination, and I hope It sparks yours too. I am not sure if itâ&#x20AC;&#x2122;s just that the project is so way out, or the idea that something like this is possible in a terminal that has my We wish Gumix / Gumiks all the wheels spinning. Either way, I will best with his ambitious project. be following with glee. I cannot wait for the lot to be open-sourced as I would LOVE to use this to make a modern... ASCII... version of

full circle magazine #1 55

contents ^

P AT R O N S M ONTHLY PATRONS Alex Crabtree Alex Popescu Andy Garay Bill Berninghausen Brian Bogdan CBinMV Darren Dennis Mack Devin McPherson Doug Bruce Elizabeth K. Joseph Eric Meddleton George Smith Henry D Mills Hugo Sutherland Jack Joao Cantinho Lopes John Andrews John Malon John Prigge Jonathan Pienaar JT Kevin O'Brien Lee Allen Leo Paesen Linda P Mark Shuttleworth Norman Phillips Oscar Rivera Paul Anderson

Paul Readovin Rob Fitzgerald Roy Milner Scott Mack Sony Varghese Tom Bell Tony Vincent Jobard Volker Bradley William von Hagen Taylor Conroy

The current site was created thanks to Lucas Westermann (ex-Command & Conquer) who took on the task of completely rebuilding the site, and scripts, from scratch, in his own time. The Patreon page is to help pay the domain and hosting fees. The yearly target was quickly reached thanks to those listed on this page. The money also helps with the new mailing list that I set up. Several people have asked for a PayPal (single donation) option, so I’ve added a button to the right side of the website

SINGLE D ONATIONS 2020:

A big thank you to all those who’ve used Patreon and the PayPal button. It’s a HUGE help.

alex moro Ronald Eike ALEXANDRU POPESCU Linda Prinsen Glenn Heaton Jon Loveless Frank Dinger Raymond Mccarthy Daniel Rojo Frits van Leeuwen

full circle magazine #1 55

https://www.patreon.com/ fullcirclemagazine

https://paypal.me/ronnietucker

https://donorbox.org/recurring -monthly-donation contents ^

Full Circle Team

H O W TO CO N TRI B U TE

Editor - Ronnie Tucker

FCM#1 56

FULL CIRCLE NEEDS YOU!

A magazine isn't a magazine without articles and Full Circle is no exception. We need your opinions, desktops, stories, how-to's, reviews, and anything else you want to tell your fellow *buntu users. Send your articles to: articles@fullcirclemagazine.org

Deadline :

Sunday 05th Apr. 2020. Release : Friday 27th Apr. 2020.

We are always looking for new articles to include in Full Circle. For help and advice please see the Official Full Circle Style Guide : http://bit.ly/fcmwriting Send your comments or Linux experiences to: letters@fullcirclemagazine.org Hardware/software reviews should be sent to: reviews@fullcirclemagazine.org Questions for Q&A should go to: questions@fullcirclemagazine.org Desktop screens should be emailed to: misc@fullcirclemagazine.org ... or you can visit our site via: fullcirclemagazine.org

For the Full Circle Weekly News:

ronnie@fullcirclemagazine.org

Webmasters - Cees Rijken

and Chris Christensen admin@fullcirclemagazine.org

Editing & Proofreading

Mike Kennedy, Gord Campbell, Robert Orsino, Josh Hertel, Bert Jerred, Jim Dyer and Emily Gonyer Our thanks go to Canonical, the many translation teams around the world and Thorsten Wilms for the FCM logo.

Getting Full Circle Magazine: EPUB Format - Most editions have a link to the epub file

You can keep up to date with the Weekly News using the RSS feed: http://fullcirclemagazine.org/feed/podcast

on that issue's download page. If you have any problems with the epub file, email: mobile@fullcirclemagazine.org

Or, if you're out and about, you can get the Weekly News via Stitcher Radio (Android/iOS/web): http://www.stitcher.com/s?fid=85347&refid=stpr and via TuneIn at: http://tunein.com/radio/Full-Circle-WeeklyNews-p855064/

Issuu - You can read Full Circle online via Issuu:

http://issuu.com/fullcirclemagazine. Please share and rate FCM as it helps to spread the word about FCM and Ubuntu.

FCM PATREON : https://www.patreon.com/fullcirclemagazine full circle magazine #1 55

contents ^