full circle magazine #67 1 contents ^

Full CircleTHE INDEPENDENT MAGAZINE FOR THE UBUNTU LINUX COMMUNITY

ISSUE #67 - November 2012

Ful l Circle Magazine is neither affi l iated with, nor endorsed by, Canonical Ltd.

SSTTAAYY SSEECCUURREE!!

BOOK REVIEW:Think Like AProgrammer

CREATE A THIEF-PROOF COMPUTER

Ph

oto

:In

fid

eli

c(F

lick

r.co

m)

full circle magazine #67 2 contents ^

The articles contained in this magazine are released under the Creative Commons Attribution-Share Al ike 3.0 Unported l icense.This means you can adapt, copy, distribute and transmit the articles but only under the fol lowing conditions: you must attributethe work to the original author in some way (at least a name, emai l or URL) and to this magazine by name ('Ful l Circle Magazine')

and the URL www.ful lcirclemagazine.org (but not attribute the article(s) in any way that suggests that they endorse you or your use of the work). I fyou alter, transform, or bui ld upon this work, you must distribute the resulting work under the same, simi lar or a compatible l icense.Full Circle magazine is entirely independent of Canonical, the sponsor of the Ubuntu projects, and the views and opinions in themagazine should in no way be assumed to have Canonical endorsement.

Full CircleTHE INDEPENDENT MAGAZINE FOR THE UBUNTU LINUX COMMUNITY

Thief-Proof Computer p.12

LibreOffice - Part 19 p.09

Programming Python 38 p.08

Kdenlive - Part 4 p.26

HowTo Opinions

Q&A p.62

Ubuntu Games p.XX

Ubuntu Women p.XX

Command & Conquer p.06

Inkscape - Part 7 p.28

Columns

Linux Labs p.39

Review p.55

Web Dev p.31

What Is... p.47

My Story p.44

Letters p.60

Ubuntu News p.04

Ask The New Guy p.35

Closing Windows p.41

BACK NEXT MONTH

Graphics Web Dev

BACK NEXT MONTH

full circle magazine #67 3 contents ^

EEDDIITTOORRIIAALL

Welcome to another issue of Full Circle!

This month we have the return of Programming in Python, LibreOffice continues,and our third HowTo is an epic article on how to make your computer thief-proof.It's a long article, but I'm sure you'll find it interesting. The procedure is a bit fiddly,but, if the contents of your computer are valuable, then I'm pretty sure the long

procedure will be well worth it in the end.

The graphics topics continue with Inkscape and the last of my Kdenlive articles. Nextmonth, we'll begin a series on Blender. Yes, we've finally got a series on Blender. It'ssomething I'm often emailed about; several people have promised articles (then notdelivered), but, yes, a Blender series will begin next month.

Another book review for you this month. 'Think Like a Programmer' from No StarchPress is the subject, and it's given a rave review by Lucas. Please think about buying a bookfrom No Starch Press (http://nostarch.com/), they're a small publisher who help us bysending review copies when they can.

Anyway, enough rambling from me. Enjoy the issue, and we'll see you again next monthfor our last issue (of 2012).

All the best, and keep in touch!Ronnie

ronnie@fullcirclemagazine.org

This magazine was created using :

Full Circle PodcastReleased monthly, each episodecovers all the latest Ubuntu news,opinions, reviews, interviews andlistener feedback. The Side-Pod isa new addition, it's an extra(irregular) short-form podcastwhich is intended to be a branchof the main podcast. It'ssomewhere to put all the generaltechnology and non-Ubuntu stuffthat doesn’t fit in the mainpodcast.

Hosts:• Les Pounder• Tony Hughes• Jon Chamberlain• Oliver Clark

http://fullcirclemagazine.org

full circle magazine #67 4 contents ^

UUBBUUNNTTUU NNEEWWSSWritten by The Ubuntu News Team

Since the last issue of FullCircle Magazine thefollowing has taken place:

Ubuntu Core on Nexus7

Jono Bacon writes about plansfor the Ubuntu core on Nexus 7project. Bacon pointed out veryclearly: “This is notgoing to be atabletUnity interface running on

the 8/16GBNexus7, but insteadwill

focus on getting the currentUbuntu

Desktop running on theNexus so

thatwe can ensure pieces such as

the kernel, powermanagementand

otherrelatedareas areworking

effectivelyon a tabletdevice.”

Along with the projectdescription, Bacon providesinformation for potential projectcontributors (testers anddevelopers) and points out theUDS-R session schedule for gettingUbuntu core on Nexus 7.

http://www.jonobacon.org/2012/10/26/ubuntu-core-on-the-nexus-7/

Ubuntu 11.04 (NattyNarwhal) end-of-lifereached on October 28,2012

An email to the ubuntu-announce mailing list confirms thatthe support period for Ubuntu11.04 (Natty Narwhal) formallyended on October 28, 2012 andUbuntu Security Notices will nolonger included information orupdated packages for Ubuntu11.04.

https://lists.ubuntu.com/archives/ubuntu-announce/2012-October/000165.html

Raring UbuntuDeveloper SummitComplete!

During the week of 29 Oct - 1Nov 2012 UDS-R took place with anoverwhelming amount of newscoming from those planningsessions for the Raring Ringtail13.04 scheduled to be releasednext May.

Interviews and videos fromUDS-R can be found at:http://www.youtube.com/user/ubuntudevelopers

Steam for Linux BetaNow Available

Valve announces the launch of alimited access beta for its newSteam for Linux client, availablefor Ubuntu 12.04 users. It will beavailable for a widening group ofusers, including other distributionsas soon it has reached asatisfactory level of stability.

http://store.steampowered.com/news/9289/

Mark Shuttleworth:Designing the Future,Together

Linux.com editorial staff bringsus highlights of MarkShuttleworth’s keynote which heheld at LinuxCon Europe 2012 inBarcelona. Those highlightsinclude cloud and mobile driving

full circle magazine #67 5 contents ^

UBUNTU NEWSchange, Ubuntu on every cloud,crowd-sourcing solutions, andform factors converging.Shuttleworth points out that "aswe head toward the future ofcomputing, we must focus oncollaboration, communication, andintegration at the operationallevel, not just the tech level."

http://www.linux.com/news/enterprise/cloud-computing/661497-mark-shuttleworth-designing-the-future-together/

Unity Technologiesreleases 4.0 with gameexport for Ubuntu

“TheUnitycross-platform

development tool version 4 has

been releasedfrom beta into the

growingworldofUbuntu game

development.” It brings with itmany new features, including aLinux export feature that allowsdevelopers to easily publish theirgames to the Ubuntu SoftwareCenter.

http://blog.canonical.com/2012/11/15/unity-technologies-releases-4-0-including-game-export-for-ubuntu/

Ubuntu Core Desktopon the Nexus 7: GettingInvolved

Jono Bacon writes that theefforts to getting the corecomponents in Ubuntu workingand optimized for the Nexus 7tablet are underway, and there aremany ways those interested inhelping out can get involved.Developers can help by fixing bugs,optimizing software, and othertasks that benefit the Ubuntu CoreDesktop on the tablet. Testers arealso needed to run benchmarksand report bugs.

http://www.jonobacon.org/2012/11/13/ubuntu-core-desktop-on-the-nexus-7-getting-involved/

New ContributorFeedback – 12.10

Vibhav Pant shares results fromthe New Contributor Feedback inthe 12.10 cycle. "We have

summarizedthis feedback in the

attachedreport. It is ourhope that

itwill help drive furtherdiscussion

aboutourdevelopmentprocesses,

tools, anddocumentation in the

leadup to UDSandoverthe course

ofthe next cycle."

http://fridge.ubuntu.com/2012/11/19/new-contributor-feedback-12-10/

Many Thanks to the UbuntuNews Team for their contributionthis month.

News this month comes from:Ubuntu Weekly Newsletter Issue289 -https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Issue289Ubuntu Weekly Newsletter Issue290 -https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Issue290Ubuntu Weekly Newsletter Issue291 -https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Issue291Ubuntu Weekly Newsletter Issue292 -https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Issue292

full circle magazine #67 6 contents ^

This past month saw meinstalling Windows 8 onmy dual monitor PCsetup, in order to test it

thoroughly for a client. Naturally, Ididn't remove ArchLinux, but thereare certain steps required to keepboth operating systems happy. Assuch, I felt this month it may beuseful to explain some of the extrasteps, in order to save somepeople headaches when dealingwith this.

Trick 1: Hard disk orderNote: This is important only topeople with multiple physical harddisks in their PC.

Windows has a major complaintany time the primary hard disk isnot the one Windows is installedin. It works just fine, so long as youdon't do anything with thepartition layout. In order to run anupgrade, for example, you need tohave the main partition (WindowsC: drive) set to active. This can bedone in the disk managementmenu, but won't work if you'vemade the Windows drive

secondary. Solving this is as easy asswitching the order in your BIOS.

Trick 2: GRUB is gone

As one would expect, Windowsreplaces any boot manager with itsown. After this happens, you havetwo options: either create a menufor Linux from the Windows bootmanager (this is possible), or re-install GRUB. If, like above, youhave two disks, my preference is tosimply install GRUB on the Linuxdrive, and leave the windows bootmanager intact on the other. Theboot manager used is always theone on the primary drive, so youcan effectively switch betweenboth managers by switching thehard disk order. This saves you thetrouble. If, however, you don't havetwo drives, you'll need to re-installGRUB. The easiest way to do this isto boot from a live CD, and, forGRUB2 (which is used on all thenewest Ubuntu versions), run:

sudo grub-install /dev/sdX

in the terminal. Remember toreplace sdX with the actual hard

disk number (for example,/dev/sda). You can check this witheither gparted, fdisk -l or anysimilar program. If you haveinternet in the live CD, you can alsoinstall a graphical tool called boot-repair.

Trick 3: System time isconstantly wrong inboth Windows andLinux

This is often the case whenUbuntu is set to use UTC time.Coordinated Universal Time (UTC)is a modern successor to GMT, andis the de facto standard for theNetwork Time Protocol and quite abit of the internet. The problem?Windows refuses to offer an easyoption to enable UTC. You can editthe registry in order to enable it(see UbuntuTime link in FurtherReading below). The, probablyeasier, option is to set Linux tolocal time. To do so, simply do thefollowing:

sudo vim /etc/default/rcS

Then edit, or create, thefollowing line:

UTC=no

If you're someone who isn'tcomfortable editing files like this,or editing the registry, you can alsosimply adjust your timezone inWindows to balance the offset. Forexample, if you live in GMT+1, andyour clock is 2 hours behind, switchto GMT+3, and it should work justfine. However, this may createunforeseen problems further downthe line.

The “Developer-recommended”solution is to set both Windowsand Linux to UTC, and disableInternet synchronization inWindows (it doesn’t seem to workwith UTC), instead relying uponNTP in Linux. I’m currently testingthis solution, and it seems to beworking alright so far.

Trick 4: Keeping mediaorganized

If you want to keep your media

CCOOMMMMAANNDD && CCOONNQQUUEERRWritten by Lucas Westermann WWiinnddoowwss//LLiinnuuxx CCoohhaabbiittaattiioonn

full circle magazine #67 7 contents ^

Lucas has learned all he knows fromrepeatedly breaking his system, thenhaving no other option but todiscover how to fix it. You can emailLucas at: lswest34@gmail.com.

(music, videos, pictures, etc.)available to both systems withouthaving to constantly copy andupdate the files, the easiestsolution is to have a mediapartition. I've split my 1TB harddisk into 200GB for Linux, and700GB for media. The Linux stuff isjust a / and /home (both EXT4), andthe 700GB partition is NTFS. The700GB partition contains all mymusic, videos, pictures, andbackups. Once you've relocatedthe files onto the media partition,you need to create symbolic linksto them in Linux. My preference isto create a sub-folder link, asopposed to replacing the Music,Pictures and Videos foldercompletely. To create a symboliclink, do the following:

ln -s /media/Media/Music~/Music/External

This would create a link to yourMusic folder (on the partitioncalled “Media”). The link would becalled External, and is located inthe Music folder within your homefolder. You can, naturally, changethe command however you see fit.You can do something similar inWindows 7 or 8 (possibly in Vista),by adding a new folder to your“Libraries” for Music, Pictures,

Videos. Instructions can be foundin the Further Reading section.

A quick note: If Ubuntu doesn'tautomatically connect the Mediapartition, you'll need to do thatmanually, and instructions arebelow in the Further Readingsection.

This trick for media files canalso be used for any other type offile you would need to share. Forexample, you can stick yourDropbox folder on it, and avoidhaving to download any updatestwice.

I hope at least a few of myreaders find this article useful, andfor those of you who didn't, oddsare I'll have something to interestyou next month. If you have anyquestions, comments, orsuggestions, feel free to email meat lswest34@gmail.com. Thismonth I've also written a review onThink Like A Programmer by V.Anton Spraul, so if you'reinterested in programming, youmay want to give it a look.

Further Reading:

http://windows.microsoft.com/is-IS/windows7/Customize-a-library –Customize Windows Library

https://help.ubuntu.com/community/UbuntuTime – UbuntuTime

https://help.ubuntu.com/community/RecoveringUbuntuAfterInstallingWindows – Restore GRUB

https://help.ubuntu.com/community/AutomaticallyMountPartitions –Automatically Mount Partitions

http://superuser.com/questions/482860/does-windows-8-support-utc-as-bios-time - UTC in Windows

COMMAND & CONQUER

Full Circle PodcastEpisode 31, TheDifficult ThirdEpisode!!

It may be a new team ofpodcasters, but the format isstill the same.

Your hosts:• Les Pounder• Tony Hughes• Jon Chamberlain• Oliver Clark

All members of theBlackpool (UK) LUGhttp://blackpool.lug.org.uk

Olly & Tony bring everyoneup to date with what´s beengoing on in the ¨SummerBreak¨, Olly talks about hisGnomebuntu install, Code-acadamy and Tony talksabout his new Nexus 7.

full circle magazine #67 8 contents ^

HHOOWW--TTOOWritten by Greg Walters PPrrooggrraammmmiinngg IInn PPyytthhoonn:: PPtt 3388

As I promised in part 37,we will take thetransposer app that wecreated, and create an

APK to install it on your androiddevice.

Before we get started, let’smake sure we have everythingready. First thing we need is thetwo files we created last time in afolder that you can easily access.Let’s call it “transposer”. Create itin your home directory. Next, copythe two files (transpose.kv andtranspose.py) into that folder. Nowrename transpose.py to main.py.This part is important.

Next, we need to reference thekivy packaging instructions in aweb browser. The link ishttp://kivy.org/docs/guide/packaging-android.html. We will be usingthis for the next steps, but notexactly as the Kivy peopleintended. You should have theandroid SDK from our earlierlesson. Ideally, you will go throughand get all the software that islisted there, but for our purposes,you can just follow along here. You

will need to download the python-for-android software. Open aterminal window and type thefollowing...

git clonegit://github.com/kivy/python-for-android

This will download and set upthe software that we need tocontinue. Now, in a terminalwindow, change your directory tothe python-for-android/dist/default folder.

Now you will find a file calledbuild.py. This is what will do all thework for us. Now comes the magic.

The build.py program will takevarious command-line argumentsand create the APK for you. Shownabove is the syntax for build.py

taken directly from the Kivydocumentation.

For our use, we will use thefollowing command (the “\” is aline continuation character):

./build.py --dir ~/transposer--packageorg.RainyDay.transposer \--name "RainyDay Transposer"

--version 1.0.0 debug

Let’s look at the pieces of thecommand...

./build.py - this is the application--dir ~/transposer - this is thedirectory where our applicationcode lives.--packageorg.RainyDay.transposer - This isthe name of the package--name “RainyDay Transposer” -

this is the name of the applicationthat will show up in the appsdrawer.--version 1.0.0 - the version of ourapplicationdebug - this is the level of release(debug or release)

Once you execute this,assuming that everything workedas expected, you should have anumber of files in the /bin folder.The one you are looking for istitled “RainyDayTransposer-1.0.0-debug.apk”. You can copy this toyour android device using yourfavorite file manager app, andinstall it just like any otherapplication from the various appstores.

That’s all I have time for thismonth.

./build.py --dir <path to your app>--name "<title>"--package <org.of.your.app>--version <human version>--icon <path to an icon to use>--orientation <landscape|portrait>--permission <android permission like VIBRATE> (multiple allowed)<debug|release> <installd|installr|...>

full circle magazine #67 9 contents ^

HHOOWW--TTOOWritten by Elmer Perry LLiibbrreeOOffffiiccee PPtt2200:: BBaassee

Databases are used tostore information aboutobjects or data. In theprevious tutorial, we

mapped out how our booksdatabase would look. We designedtables for our data, and definedrelationships between thosetables. Now, we will put ourplanning into action by actuallycreating the database file, addingthe tables, and creating therelationships.

Creating the DatabaseFile

As I mentioned before, Base isnot a database file but an interfacefor accessing and manipulating adatabase file. Although it is

possible to connect to manydifferent database types, we willuse the default HSQL database forour books database.

To start the database wizard,select Database from theLibreOffice Home screen or File >New > Database. The first screenof the database wizard lets uschoose whether we want to open

an existing database or create anew one. Select Create a NewDatabase, and click Next.

The second screen of the wizardasks us whether we want toregister the database and what wewant to do once the database hasbeen created. Registering adatabase in LibreOffice makes it

available in all our documents. Wewon't need this for our database,so select No – do not register thedatabase. Check Open theDatabase for Editing, and clickFinish. LibreOffice will open a filedialog to define a location andname for the database. I simplynamed the file: books

Once you have a name andlocation for the database file, themain Base screen opens. Down theleft side, you have the differentpieces which can make up adatabase file. The top right givesyou access to the different actionsyou can take for each part, and thelower right shows the objectsalready created.

full circle magazine #67 10 contents ^

HOWTO - LIBREOFFICE Pt20

Field Types

Before we create our first table,we need to discuss some of thecommon database field types.When you select a type for a field,you are presented with manyoptions for the type. Many of thetypes are identical, and are therefor compatibility reasons. Themost common types are:

Integer – a whole number, eg. 123VarChar – a variable length stringof characters. You will define themaximum length for the VarChar.Date – a date value, of course, eg.10-15-2012 (the exact format islocation specific)Time – a time value, such as09:15:25decimal – a real number includingthe whole (integer) number and itsfractional part, eg. 123.25 (the partseparator is location specific)

For our purposes, we will useInteger and VarChar.

Creating the Tables

Base has three different waysto create tables: through a tablewizard, through design view, andby SQL statements. The table

wizard is good only to createspecific types of tables by pickingfrom a list of predefined fieldnames. The SQL method requiresyou to know and understand theSQL language and is beyond thescope of this article. The designview is usually the best choice, andpresents you with a list you fill into create your table. We will usethe design view to create ourtables for this project.

We will start with the Bookstable. Select Tables from theDatabase pane on the left. In theTasks pane, click on Create Table inDesign View... to open the DesignView dialog. Across the top youhave labels for each of theelements of a field: Field Name,Field Type, and Description. TheDescription is optional but is

useful for making notes about howa field is used. At the bottom, wesee the Field Properties. Thissection will change according tothe type of field we select.

In the first field, enter the nameBookID. From the dropdown box inField Type, select Integer. Adding adescription is up to you. Under thefield properties, change AutoValueto Yes. This will place a key icon inthe box beside the field recordshowing it is the primary (or key)index. In the second row, type Titlefor the name. Give this one a typeVarChar. Again, a description is upto you. In the field properties,leave the length at 100, thedefault for VarChar. The third fieldis Published with a type of VarChar.Change the length in the fieldproperties to 12. I chose VarChar

rather than date because we justwant the year, and if the publishingdate of a book is unknown, I canenter just “Unknown”. Click on thesave icon, and Base prompts youfor a table name. Enter Books.

Our tables for Authors andMedia are created in much thesame way. For Authors, create twofields: AuthorID, integer(AutoValue Yes); and Name,VarChar (length 50). For Media,MediaID, integer (AutoValue Yes);and Type, VarChar (length 25).

Our two foreign key tablesneed a little different treatment.In BooksAuthors, create twointeger fields named BookID andAuthorID. Click on the icon boxbeside the first record. Holdingdown the Shift key, click in the iconbox for the second. At this point,you should have both recordsselected. Right-click the icon boxand select Primary Key from thecontext menu. This creates acombination key. The two valuestogether create the primary key,which uniquely identifies eachrecord in the table. For theBooksMedia table, create twointeger fields named BookID andMediaID. Select both fields, right-click, and select Primary Key.

full circle magazine #67 11 contents ^

Elmer Perry's history of working,and programming, computersinvolves an Apple IIE, adding someAmiga, a generous helping of DOSand Windows, a dash of Unix, andblend well with Linux and Ubuntu.

HOWTO - LIBREOFFICE Pt20

Create Relationships

Once we have all our tablesdefined, we can create therelationships that bind everythingtogether. We will createrelationships between our threemain tables and our foreign keytables. The direction in which youdrag the fields is important, so payclose attention to how you do it.

To start the Relation Designdialog, go to Tools > Relationships.You are presented with a list oftables. Select a table and click Addto add the table to the RelationDesign. Add the tables in thefollowing order to make it easy:Authors, BooksAuthors, Books,BooksMedia, Media. Once all thetables are added, select Close.

Drag the BookID field in Booksto BookID in BooksAuthors. ARelation dialog pops up. UnderUpdate option, pick Updatecascade and OK. This will cause the

field to update when the Bookstable updates. Drag the AuthorIDin Authors to AuthorID inBooksAuthors. Select Updatecascade in the Relation dialog.Next, drag the BookID in Books toBookID in BooksMedia. SelectUpdate cascade. Finally, dragMediaID in Media to MediaID inBooksMedia. Select Updatecascade. Your relation designshould look something like the one

pictured below.

With our tables andrelationships created, we are readyto begin work on creating formsfor data input. In our next How-To,we will create the forms for dataentry. Everything will cometogether to create a usable dataentry system.

The Ubuntu Podcast covers allthe latest news and issues facingUbuntu Linux users and FreeSoftware fans in general. Theshow appeals to the newest userand the oldest coder. Ourdiscussions cover thedevelopment of Ubuntu butaren’t overly technical. We arelucky enough to have somegreat guests on the show, tellingus first hand about the latestexciting developments they areworking on, in a way that we canall understand! We also talkabout the Ubuntu communityand what it gets up to.

The show is presented bymembers of the UK’s UbuntuLinux community. Because it iscovered by the Ubuntu Code ofConduct it is suitable for all.

The show is broadcast live everyfortnight on a Tuesday evening(British time) and is available fordownload the following day.

podcast.ubuntu-uk.org

full circle magazine #67 12 contents ^

HHOOWW--TTOOWritten by Xavier Berger CCrreeaattee AA TThhiieeff--PPrrooooff CCoommppuutteerr

In our modern society,computers become toolshosting a lot of privateinformation. Losing these data

or displaying these data to thepublic could have a big impact forthe owner.

In this article we will see howto:

1. Prevent the computer frombooting on the secured systemwithout a startup usb keyThe first barrier will be to preventthe PC from booting when it is notin the hands of its owner. Toachieve this goal, we will "split" thehardware into two pieces. Whenthese two pieces are joined, thecomputer can be used (and boot);if not, the computer will not start.As many people have to purchaseWindows with a laptop, we will seehow to give access to this OS whenthe key is not present. This couldbe useful if you want to lend yourPC to a friend to give her access tothe Internet.

2. Prevent the data from unwantedaccess

If a person can access my disk, heshould still not have access to thedata. The file system and swapcontain or can contain personaldata. We will see how to encryptthe data at the level of thepartition, and keep our data safe.

3. Prevent data lossTo prevent data loss, doing regularbackup is something mandatory,but, if the backup storage islocated in the same building as thecomputer, it may berobbed/destroyed as well. Toprevent data loss, we need toexternalize the data. The cloud is agood solution for such anexternalization. It could be done inreal time, and doesn't require anydiscipline from the end user. Toensure the privacy of the data insuch cases, we will also encrypt thedata before synchronizing it to thecloud. The data in the cloud is amirror of the current data in thecomputer.

4. Use the created usb key as atoolbox by adding live distributions

With the usb key in our hands, we

will see how to add an additionallive distributions that could beuseful for troubleshooting orrescue.

Installation

To implement the proceduredescribed below, you will need thefollowing items:• A target computer (with orwithout an existing OS running)• Two blank CD-ROMs – to burnUbuntu installation media• One USB key (min > 1GB,recommended > 4GB)• A computer with an operating

system running (that could be thetarget)

Preparation

Download ubuntu-12.04.1-

desktop-i386.iso fromhttp://releases.ubuntu.com/precise/ and burn it to a CD-ROM.

Plug in the usb key, and bootfrom the Ubuntu 12.04.1 desktopCD-ROM freshly burnt.

In the welcome screen, selectTry Ubuntu.

full circle magazine #67 13 contents ^

HOWTO - CREATE A THIEF-PROOF COMPUTER

Once the live system hasbooted, start gparted to preparethe usb key.

Select the usb key (/dev/sdb),and create a FAT32 partitionpreceded by a free space of128MB. This space will be usedlater by the secured operatingsystem.

If your computer doesn't havean operating system installed, skip

the next step of this chapter andcontinue with the followingsection.

If you purchased MicrosoftWindows with the laptop, we willkeep it in the machine andavailable (in case you would like tolend your PC to your friends). Firstperform a backup of windowsusing the tools provided by yourmanufacturer... you may need orwill have to restore Windows once

the partition resizing is done.Resize the existing windowspartition to leave space for the realoperating system.• Boot on Ubuntu 12.04.1 desktop• Start GParted• Select the disk of the computer(/dev/sda)• Resize the windows partition to50GB, it should be enough for alloccasions when you need to usethis OS• Remove unneeded partitions – tocreate free space that will be usedto install Linux

Installation

During the installation, we willconfigure the Operating System toencrypt the data stored in the disk.This encryption will ensure thesecurity of the data. The longer theencryption key, the better theprotection, but this also lengthensthe time to encrypt and decrypt. Inthis article, we choose the shortestproposed length for the key: AES128-bit should be fast and secureenough. A key of 128-bits give

full circle magazine #67 14 contents ^

HOWTO - CREATE A THIEF-PROOF COMPUTERabout 3,4 x 10^38 possibilities.

To understand how secure 128-bit keys are, you may read theanalogy by Jon Callas at:http://www.interesting-people.org/archives/interesting-people/200607/msg00058.html

“Imagine a computerthat is the

size ofa grain ofsandthat can test

keys against some encrypteddata.

Also imagine that it can testa key in

the amountoftime it takes light to

cross it. Then considera clusterof

these computers, so manythat if

you coveredthe earth with them,

theywouldcoverthewhole planet

to the heightof1 meter. The cluster

ofcomputerswouldcracka 128-bit

keyon average in 1,000 years.”

Even if you don't believe thatthe NSA has another planetdevoted to key cracking, you stillmay want to use a longer key. If aweakness in your chosen crypto-module is found, it may limit thekeyspace that needs to be tested,and you will then have aneffectively shorter key. Using a256-bit key will keep your datasecure much longer if that shouldhappen.

Download Ubuntu and burn it

on the second CD-ROM.

Boot on the freshly burnt CD-ROM. Select the language andInstall Ubuntu.

Follow these instructions toinstall the system:• Select the language to be usedduring the installation process:English• Select your location, configurelocales, configure the keyboard• Define hostname, user andpassword• Do not chose to encrypt thehome directory. We will encrypt allthe partition.• Set clock and timezone• To Partition disks, select Manual

Creating the /boot partitionunencrypted• Select the freespace on sdb andpress enter• Select Create a new partition

Define the size: keep theproposed size• Type of the new partition:Primary• Use As: Ext2 file system• Mount point: /boot• Bootable flag: on• Select Done setting up the

full circle magazine #67 15 contents ^

HOWTO - CREATE A THIEF-PROOF COMPUTERpartition

Create a Logical partition• Select the free space on sda andpress enter• Select Create a new partition• Define the size: 128MType of the new partition: Primary• Location for the new partition:Beginning

Use as: do not use• Select Done setting up thepartition

Create a Logical partition• Select the free space on sda andpress enter• Select Create a new partition• Define the size: keep theproposed size – which should bethe maximum space available• Type of the new partition: Logical• Use as: do not use• Select Done setting up thepartition

Encrypt partition•Select Configure encryptedvolumes•Write the change to disk andconfigure encrypted volumes: Yes• Select Create Encrypted volumes• Select: [*] /dev/sda5• Key size: 128•Done setting up the partition

• Keep current partition layout andconfigure encrypted volume: Yes• Select Finish• Enter a passphrase twice

Create LVM group and volumes• Select Configuring the LogicalVolume Manager• Write change to disk andconfigure LVM : Yes• Select Create volume group

• Volume group name: VolGroup• Device for new volume group: [*]/dev/mapper/sda5_crypt• Keep current partition layout andconfigure LVM: Yes• Select Create logical volume• Volume group: VolGroup• Logical volume name: LV_slash• logical volume size: 50GB• Select Create logical volume• Volume group: VolGroup

• Logical volume name: LV_swap• logical volume size: 2GB• Select Create logical volume• Volume group: VolGroup• Logical volume name: LV_home• Logical volume size: keep theproposed size• Select Finish

Configure the mounting points ofLVM volumes• Select LV_home --> #1• Use as : Ext4 journaling filesystem• Mount point: /home• Options: [*] noatime (--> we don'twish to record the last time the filehas been read)• Select Done setting up thepartition• Select LV_slash --> #1• Use as : Ext4 journaling filesystem• Mount point: /• Options: [*] noatime• Select Done setting up thepartition• Select LV_swap --> #1• Use as : swap area• Select Done setting up thepartition

Finish partitioning and writechanges to disk• Write changes to disks

full circle magazine #67 16 contents ^

HOWTO - CREATE A THIEF-PROOF COMPUTER

•Install GRUB on /dev/sdb (the keywill then be required to boot onthe secured system)•Set the system clock to UTC: Yes•Complete the installation

Congratulations, you have nowa system where your data isencrypted and needs an externalusb key to start. As we didn't touchthe mbr of the hdd, the previousoperating system should continueto start as it did previously. It isnow required to explicitly bootwith the usb key to access thesecured area. When doing so, youwill see the boot screen asking thepassword required to decrypt thedisk.

We will see in the next chapterhow to make our securedcomputer as easy to use as anunencrypted and unsecuredcomputer, and we will configure itto ensure the sustainability of ourdata.

Configuration

In this section we will see howto customize the system toimprove its usability and to protectour data from loss.

Warning: Unless specified, thecommands below must beexecuted as root.

Using a label for the USB keywill allow us to duplicate this keyand ensure that the system willrecognize it as the booting device.

Define the label for /dev/sdb2as BOOT (/dev/sdb2 is the /bootpartition)

e2label /dev/sdb2 BOOT

Update /etc/fstab to use labelinstead of uuid

replace UUID=(...) byLABEL=BOOT

Edit /etc/default/grub,uncomment to not use uuid ingrub, and regenerate grub.cfg:

uncommentGRUB_DISABLE_LINUX_UUID=true

Insert the blue text (shownbelow) into the file/usr/lib/grub/grub-mkconfig_lib toconfigure grub to use label (ifavailable in a volume)

Upgrade grub with thefollowing command:

update-grub

We will now configure thesystem to decrypt the partitionbased on a file stored in the

startup key. The computer willthen recognize the startup key anddecrypt the partition withoutasking for a password anymore.

Create a keyfile in/boot

dd if=/dev/urandomof=/boot/keyfile bs=512count=4

chmod 444 /boot/keyfile

Add the new key into it as avalid key to decrypt the disk:

cryptsetup luksAddKey/dev/sda5 keyfile

Note: The contents of the file isimportant, not the filename.

Modify /etc/crypttab to use theboot key. Replace:

sdb5_crypt UUID=(...) noneluks

with

if label="`${grub_probe} --device ${device} --target=fs_label 2> /dev/null`" ; thenecho "search --no-floppy --label ${label} --set root"

elif fs_uuid="`${grub_probe} --device ${device} --target=fs_uuid 2> /dev/null`" ; thenecho "search --no-floppy --fs-uuid --set ${fs_uuid}"

fi

full circle magazine #67 17 contents ^

HOWTO - CREATE A THIEF-PROOF COMPUTER

sdb5_crypt UUID=(...)/dev/disk/by-label/BOOT:/keyfileluks,keyscript=/lib/cryptsetup/scripts/passdev

Finally, update the initramfswith:

update-initramfs -uv

To remove auto decryption andreactivate passphrase only, modify/etc/crypttab by adding the bootkey and remove the line added.The file should then looksomething like this

sdb5_crypt UUID=(...) noneluks

Finally, update the initramfs:

update-initramfs -uv

Booting from the maindisk instead of startupkey

Some BIOS don't really like toboot from an external usb drive. Insuch a situation, we will create ascreen displayed at boot that willallow the user to select whichoperating system to startup. Wewill use BURG which has a nice-

looking graphical interface. Thissolution will modify the MBR ofthe HDD, so then you have to payparticular attention to the actionproposed here.

First create symlinks vmlinuzand initrd to the latest kernel andinitrd image:

cd /boot

ln -s vmlinuz-... vmlinuz

ln -s initrd.img-...initrd.img

Warning: After every kernelupgrade, you will have to updatethese links pointing to the latestkernel

Mount the /boot partition ofHDD:

umount /boot

mount /dev/sda2 /boot

Install BURG on the system:

apt-get install python-software-properties

add-apt-repository ppa:n-muench/burg

apt-get update

apt-get install burg

Configure BURG to run from theinternal HDD:• Accept default parameters• Select /dev/sda

Edit /etc/burg/30_osprober andappend the keyword exit at thebeginning of the file.

Edit /etc/burg.d/10_linux andappend the keyword exit beforethe last while.

Update custom menu to booton Linux or Windows:

menuentry "Linux" --classubuntu {

insmod ext2set root=(hd1,2)linux /vmlinuz quiet splashinitrd /initrd.img

}menuentry "Windows" --classwindows {

set root=(hd0,1)chainloader +1

}

Edit /etc/default/burg anduncomment:

GRUB_DISABLE_LINUX_RECOVERY="true"

Apply the configuration• update-burg

Here is the screen that will bedisplayed at startup:

full circle magazine #67 18 contents ^

HOWTO - CREATE A THIEF-PROOF COMPUTER

Note: Note that this boot screendoesn't propose recovery mode.The full startup menu is stillavailable on the usb key. Youshould select to boot on the usbkey, and hold shift to access tothe following menu.

Note: This screenshot (right) isshowing additional boot options.Ref below to see how to install liveOS into the usb key.

Create a startup keyfrom a working system

If you have a system running, itis easy to recreate a USB key withthe following procedure:

Mount the new key in/media/usb... Note: The key shouldbe prepared with gparted asdescribed above, and have thepartition formatted as ext2.

mount /dev/sdc2 /media/usb

Copy the content of the originalkey to the new startup key:

cp -a /boot/* /media/usb

Label the new key to be a bootkey:

e2label /dev/sdc2 BOOT

Install grub2 to the new disk:

grub-install --force --no-floppy --boot-directory=/media/usb --root-directory=/ /dev/sdc

Note: Each time the kernel isupdated, the second key will alsohave to be updated using thisprocedure.

Backup the startup keyand store it in a safelocation

The usb key you just created isnow the only way you have to startyour computer. It is mandatory tohave a backup of it and to be ableto recreate it.

Cleanup unused space of /boot

partition:

dd if=/dev/zeroof=/boot/todelete

rm /boot/todelete

Umount /boot partition:

umount /dev/sdb2

Backup the mbr of the usb key:

dd if=/dev/sdb of=startup.mbrbs=512 count=1

Backup the boot partition:

dd if=/dev/sdb2of=startup.sdb2

Compress the backup:

tar cvjf startup.bkp.tar.bz2startup.mbr startup.sdb2

Store the file

startup.bkp.tar.bz2 into a safearea.

Warning: This to perform anupdate of the startup key imageafter every kernel update.

Restore the startup keyto another key

The following action should beperformed on the computerfreshly installed, or from a liveversion of the OS created fromUnetBootIn, or start from thestartup key when installation iscompleted.

Plug the new target usb key andidentify its device. Let's assume itis /dev/sdc. Enter these commands:

dd if=startup.mbr of=/dev/sdc

mkfs.vfat /dev/sdc1

dd if=startup.sdb2of=/dev/sdc2

fsck -y /dev/sdc2

mount /dev/sdc2 /media/usb

grub-install --force --no-floppy --boot-directory=/media/usb --root-directory=/ /dev/sdc

full circle magazine #67 19 contents ^

HOWTO - CREATE A THIEF-PROOF COMPUTER

This command could be a littlebit long. Executing the followingcommand will let dd write a statusof its progress:

kill -USR1 $(pidof dd)

Store data in a remotelocation to ensure itsavailability

Our goal is to store data in aplace that will ensure itsavailability even if the hardware islost. The easiest solution is to usethe cloud services provided by oneof the following companies:

Online storages services:* 5GB up to 20GB Free -

https://one.ubuntu.com/* 5GB Free -

https://www.wuala.com/* 2GB Free -

https://www.dropbox.com/* 2GB Free -

https://www.spideroak.com/* 5GB Free -

https://drive.google.com/ --> withgrive:https://github.com/Grive/grive

For Windows only, someadditional space can be used to

store non-confidential data:* 5GB Free -

https://www.sugarsync.com/* 7GB Free -

https://skydrive.live.com/

Offline backup service:* 25GB Free -

https://www.hubic.me/

Online notebook:* 60MB/month Free -

https://www.evernote.com/

This solution is not intended toreplace real backup/restoresolutions, but has the advantagesof being cheap and easy to setup.

Ensure theconfidentiality of datastored into the cloud

The cloud is a private storagearea provided by an externalcompany. This description may notsound correct, because it ismixture of private and external. So,if we consider that this externalarea is not a fully private place, wewill have to add another layer ofencryption to secure our data inthe cloud. For this, we will useencfs, and we will configure pam to

automatically unlock the directoryduring the login process.

Install encfs and fuse-utils usingthe following command as root:

apt-get install encfs fuse-utils

sh -c "echo fuse >>/etc/modules"

modprobe fuse

adduser $USER fuse

Configure theencryption of sensitivedata into in Ubuntu One

Execute the followingcommands as standard user:

sudo apt-get install libpam-mount libpam-encfs

LC_ALL=C encfs/home/$USER/Ubuntu\One/.encrypted/home/$USER/encrypted/

Let encfs create the directories.Select the pre-configured paranoiamode (p), or just press enter tohave normal protection.

Enter the passphrase twice (itshould be the same as for theaccount if you want to usepam_mount).

It is possible to automaticallydecrypt the encfs directory usingpam_mount. This will work only ifthe passphrase of the user accountis the same as the passphrase ofthe encfs directory.

Edit the file/etc/security/pam_mount.conf.xmllook for the line <!-- Volumedefinitions -->. Append thefollowing lines just after byreplacing <<user>> with your login

<volume user="<<user>>"fstype="fuse"path="encfs#/home/<<user>>/Ubuntu One/.encrypted"mountpoint="/home/<<user>>/encrypted" />

Passphrasemanagement

The LUKS encryption systemcan manage up to eightpassphrases (in this article, wealready used two). Adding apassword can be done with thefollowing command:

full circle magazine #67 20 contents ^

HOWTO - CREATE A THIEF-PROOF COMPUTER

cryptsetup luksAddKey/dev/sda5

To delete a passphrase:

cryptsetup luksKillSlot/dev/sda5 <the slot number tobe deleted>

To change a passphrase, youneed to add the new key, then tokill the slot of the key to bereplaced.

Encfs has only one passphrase.The passphrase can be changedwith the following command:

encfsctl passwd ~/Ubuntu\One/.encrypted/

Add live OS into theusb key

On the following section, wewill assume that the FAT32partition of the startup key ismounted in /media/usb. If this isnot yet the case, execute thefollowing command to do it:

mkdir /media/usb

mount /dev/sdb1 /media/usb

Add ubuntu desktop on the usb

stick. Create the directory/media/usb/iso

mkdir /media/usb/iso

Download ubuntu-12.04.1-

desktop-i386.iso fromhttp://releases.ubuntu.com/precise/ and copy it to /media/usb/iso.

Create the file/etc/grub.d/42_custom with thetext shown above.

Upgrade grub with thefollowing command

update-grub

Add Unbuntu Alternate CD onthe usb stick. Download Ubuntu

and copy it in /media/usb/iso.Create the file/etc/grub.d/43_custom with thecontent shown below:

Upgrade grub with thefollowing command

update-grub

#!/bin/shexec tail -n +3 $0# This file provides an easy way to add custom menu entries. Simply type the# menu entries you want to add after this comment. Be careful not to change# the 'exec tail' line above.menuentry "Ubuntu 12.04.1 - i386 - iso Live" {

set gfxpayload=800x600x16set root=(hd0,msdos1)set isofile="/iso/ubuntu-12.04.1-desktop-i386.iso"search --set -f $isofileloopback loop $isofilelinux (loop)/casper/vmlinuz boot=casper iso-scan/filename=$isofile noeject noprompt

splash -- locale=fr_FR console-setup/layoutcode=frinitrd (loop)/casper/initrd.lz

}

#!/bin/shexec tail -n +3 $0# This file provides an easy way to add custom menuentries. Simply type the# menu entries you want to add after this comment. Becareful not to change# the 'exec tail' line above.menuentry "Ubuntu 12.04.1 - i386 - AlternateInstallation" {

set gfxpayload=800x600x16set root=(hd0,msdos1)search --set -f /iso/ubuntu-12.04.1-alternate-

i386.isolinux /iso/vmlinuz noeject -- locale=fr_FR

console-setup/layoutcode=frinitrd /iso/initrd.gz

}

full circle magazine #67 21 contents ^

HOWTO - CREATE A THIEF-PROOF COMPUTERAdd System Rescue CD on the

usb stick. Download and copy it in/media/usb/iso. Create the file/etc/grub.d/44_custom with thecontent shown top right.

Upgrade grub with thefollowing command:

update-grub

Online security

You are using Linux, this is afirst good step for online security.If you intend to use your computerdirectly connected to the Internet,you should at least start thefirewall by executing the followingcommand:

ufw enable

Remove the key afterstartup

Warning: In this section, it isproposed to modify theauthentication process. An errorcould block the authentication ofyour computer. If you do so, startyour computer in recovery modeand delete the modification youpreviously did. Be aware that theoption to remove the key is

available only in the graphicalinterface. We do consider that ifyou start a console, you can as wellmount the /boot partitionmanually.

To not compromise the securityof your PC, you need to carry theusb key with you all the time evenif the PC is still running and locked.

To make this easy we willconfigure the computer toautomatically mount and umountthe key on different occasions:

Umount the key:• At startup to let you unplug thekey and go before login• When the computer is locked – to

let you unplug the key when youneed to leave your PC• When you close your session

Mount the usb key:• When you open a session• When the session is unlocked

Umount key after boot

Add the following as the firstactive line of the file /etc/rc.local

umount /boot

This will umount the usb keyafter boot.

Now, we need to authorize a

standard user to mount andumount the /boot partition whichis in the startup key. To do so, it isrequired to update the /bootdescription in the file /etc/fstaband append the option ‘users’ asan option. After modification, theline should look like this:

LABEL=BOOT /bootext2 noatime,users0 2

To automatically mount andumount the key when the sessionis open or close, we will use thecapabilities given by PAM. libpam-script will allow us to execute ascript when the user opens orcloses a session.

#!/bin/shexec tail -n +3 $0# This file provides an easy way to add custom menu entries. Simply type the# menu entries you want to add after this comment. Be careful not to change# the 'exec tail' line above.menuentry "SystemRescueCD - i386 - iso Live" {

set gfxpayload=800x600x16insmod ext2insmod loopbackinsmod iso9660set root=(hd0,msdos1)set isofile="/iso/systemrescuecd-x86-2.8.1.iso"search --set -f $isofileloopback loop $isofilelinux (loop)/isolinux/rescuecd isoloop=$isofile setkmap=frinitrd (loop)/isolinux/initram.igz

}

full circle magazine #67 22 contents ^

HOWTO - CREATE A THIEF-PROOF COMPUTER

Install libpam-script with thefollowing command:

apt-get install libpam-script

/usr/share/libpam-script/pam_script_ses_open isexecuted when the session is open,and will mount the partition /boot.Create this script with thefollowing content:

#!/bin/bashif [[ "$PAM_USER" = "lightdm"]] || ( mount | grep /boot >/dev/null 2>&1 ); then

exit 0fiif ( mount /boot > /dev/null2>&1 ); then

/usr/bin/aplay/usr/share/sounds/purple/receive.wav > /dev/null 2>&1fiexit 0

This script mounts the /bootpartition, and plays a sound lettingyou know that the key has beensuccessfully reconnected.

Change permissions to make itexecutable:

chmod 755 /usr/share/libpam-script/pam_script_ses_open

/usr/share/libpam-

script/pam_script_ses_close isexecuted when the session isclosed, and will dismount thepartition /boot. Create this scriptwith the following content:

#!/bin/bashif [[ "$PAM_USER" = "lightdm"]]; then

exit 0fidevice=$(mount | grep /boot |cut -c -8)if ( umount /boot > /dev/null2>&1 ); then

umount $device* > /dev/null2>&1

/usr/bin/aplay/usr/share/sounds/purple/send.wav > /dev/null 2>&1fiexit 0

This script umounts the /bootpartition and all the partitions ofthe usb key, and then plays a soundletting you know that you canremove the usb key safely.

Change permissions to make itexecutable:

chmod 755 /usr/share/libpam-script/pam_script_ses_close

We need now to add pam_scriptto the session management.Modify the file /etc/pam.d/lightdmand append the pam_script line

below just after the line @includecommon-account:

@include common-account

session optionalpam_script.so

We will now create a scriptmanaging the screen-saver. Thescript below is applicable toxscreensaver which is the defaultscreensaver of xubuntu. If yourscreensaver is different, you canreplace it by xcreenserver, or(more difficult), you can updatethe script below.

Create the file/usr/local/bin/startup_key_manager.sh with the following content:

#!/bin/bash/usr/bin/xscreensaver-command-watch | while read line; do

if [ x"$(echo "$line" |grep 'LOCK')" != x ] ; then

/usr/share/libpam-script/pam_script_ses_close

fiif [ x"$(echo "$line" |

grep 'UNBLANK')" != x ] ;then

/usr/share/libpam-script/pam_script_ses_open

fidone

Change the permissions tomake it executable:

chmod 755/usr/local/bin/startup_key_manager.sh

This script will monitor thescreensaver and manage the /bootpartition of the key accordingly.

This script should be added tostart automatically when thesession is open. As a normal user,create the script~/.config/autostart/startupKeyManager.desktop with the followingcontent:

[Desktop Entry]Encoding=UTF-8Version=0.9.4Type=ApplicationName=startupKeyManagerComment=startup key managerExec=/usr/local/bin/startup_key_manager.shStartupNotify=falseTerminal=falseHidden=false

The script will be activatedwhen you will start anothersession.

Warning: When you are updatingthe kernel, be sure the session willstay open and the screen serverstays deactivated during theupgrade.

full circle magazine #67 23 contents ^

HOWTO - CREATE A THIEF-PROOF COMPUTER

Two-factorauthentication

Warning: In this section, it isproposed to modify theauthentication process forgraphical as well as console login.An error could block theauthentication of your computer. Ifyou do so, start your computer inrecovery mode, and delete themodification you previously did.

We have now a system which issecured and easy to use, but wecan improve the security a little bitby adding a two-factorauthentication requiring the USBkey to be plugged and thepassword to be correct beforeopening the session. With this two-factor authentication, you will besure that, in the event thatsomebody knows your password,she will not be able to unlock yoursession when you are at the coffeecorner with the USB key in yourpocket.

To activate the two factorauthentication, we will use thepam module previously installed:pam-script.

The logic would be to use

pam_usb, but this approach isinconvenient: It requires an actionon every USB key you have, andmakes key replication morecomplex. So, we will authenticatethe usb key based on the keyfilepresent in it using pam_script.

Create the script/usr/share/libpam-script/pam_script_ses_authdedicated to authenticate the usbkey with the following content:

#!/bin/bashmount /bootresult=1;if ( sha1sum -c --status/usr/share/libpam-script/keycheck ); then

result=0fiumount /bootexit $result

Make it executable:

chmod 755 /usr/share/libpam-script/pam_script_auth

The sha1sum is used to validatethe key; the keycheck file is createdwith the following commands:

sha1sum /boot/keyfile >/usr/share/libpam-script/keycheck

chmod 444 /usr/share/libpam-script/keycheck

We need now to add pam_scriptinto the system authenticationprocess just after theauthentication by password.Modify the file/etc/pam.d/common-auth and addpam_script just after pam_deny asfollow:

auth requisitepam_deny.so

auth requiredpam_script.so

Troubleshooting

In some circumstances you mayneed to access to the data of theencrypted partition withoutbooting the computer. Here aresome methods to do so.

Boot in recovery mode

Boot from the usb stick andselect recovery mode. Select root,Drop to root shell prompt. Mount /with a read write access and mount/boot using the followingcommands

mount -oremount,rw /

mount /dev/sdb2 /boot

Note: As you are using yourstartup key to boot your PC, youare identified to be the owner ofthe machine if you used a keyfile;you will be granted root accesswithout any password. Without thekey, such a startup is impossibleand you will have to follow theinstruction of the next section toaccess your data.

Manual access to thepartition

To access to the encryptedpartition, boot on a live OperatingSystem and follow the procedurebelow to mount and umount thedisk.

Mount encrypted partition

modprobe dm-crypt

cryptsetup luksOpen /dev/sdb5crypt

(Enter your passphrase)

vgscan --mknodes

vgchange -ay

mkdir /mnt/crypt

full circle magazine #67 24 contents ^

HOWTO - CREATE A THIEF-PROOF COMPUTER

mount /dev/VolGroup/LV_slash/mnt/crypt

Umount partition

umount /mnt/crypt

vgchange -an

cryptsetup luksClose crypt

To gain access to the encryptedpartition from (initramfs):

Mount encrypted partition

cryptsetup luksOpen /dev/sdb5crypt

mkdir /mnt/crypt

mount /dev/VolGroup/LV_slash/mnt/crypt

Umount partition

umount /mnt/crypt

cryptsetup luksClose crypt

Reinstall the securesystem and keep datain the home directory

In case of a major issue, youmay have to reinstall your systemfrom scratch. Boot on Ubuntu

Alternate image• Enter the name of the computer• Enter the full name of the mainuser• Enter the username for theaccount• Choose a password and enter ittwice• Do not select to encrypt homedirectory (We will reuse theencrypted partition alreadyexisting into the system)• Set clock timezone• Partition disks: Manual• Select: Configure encryptedvolume• • Keep current partition layout

and configure encrypted volumes:Yes• • Activate existing encryptedvolume• • Enter the passphrase• • You will see the LVM volumes inthe disk partition description• Define mounting point asdescribed in the previous chapter(Format the partition / and /bootbut do not format the partition/home)• Install the OS• Reboot

After this installation /boot and/ have been recreated from

scratch. It is then required toreapply the configurationdescribed in the previous section.If you use a keyfile to unlock thesecured partition, this file shouldbe reinstalled in the /bootpartition from the backup you did.If you previously saved theinstalled packages into a fileinstalled-packages as described inthe Security: section, it is possibleto reinstall them with thefollowing commands:

apt-get update

apt-get upgrade

dpkg --set-selections <installed-packages

apt-get -u dselect-upgrade

To go further andimprove the securityand data integrity

Additional action could improvethe security of your computer. Youcan, for instance, remove Windowsfrom your computer. In this case,your computer will not boot at allwithout the startup key, and willbe unusable and without anyevidence that it holds an encryptedpartition. Then you can add a BIOS

full circle magazine #67 25 contents ^

Xavier Berger is a specialist in Linuxand network deployment who enjoyshiking, geocaching, skiing, andspending time with his family. Hisweb site is: http://xberger.free.fr

HOWTO - CREATE A THIEF-PROOF COMPUTERpassword to avoid booting fromusb, and add a password to burgand grub to avoid startupcommand modification.

You can also use TrueCryptwith/without inner volume tosecure confidential data.

To go even further, you canapply the recommendation fromthe NSA:http://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf

References

This article has been written basedon information found in theInternet:

https://help.ubuntu.com/community/EncryptedFilesystemHowto

http://ubuntuforums.org/showthread.php?t=1549847

http://ubuntuforums.org/showthread.php?t=1369019

http://blog.stalkr.net/2012/05/usb-rescue-and-secure-boot-disk.html

http://askubuntu.com/questions/63594/mount-encrypted-volumes-from-command-line

http://ubunteros.tuxfamily.org/spip.php?article204

http://doc.ubuntu-fr.org/tutoriel/chiffrer_son_disque

http://doc.ubuntu-fr.org/cryptsetup

http://doc.ubuntu-fr.org/encfs

http://linuxconfig.org/linux-authentication-login-with-usb-device

http://artisan.karma-lab.net/petite-introduction-a-pam

http://www.psychocats.net/ubuntu/security

https://code.google.com/p/cryptsetup/

1166xx1166 SSUUDDOOKKUU

Solutions are on the second last page.

Numbers 0 to 9 and letters A to F are to be filled into the16x16 grid so that every row, every column, and every4x4 box contains 0 to 9 and A - F.

Puzzles are copyright, and kindly provided by,The Puzzle Club - www.thepuzzleclub.com

full circle magazine #67 26 contents ^

HHOOWW--TTOOWritten by Ronnie Tucker VViiddeeoo EEddiittiinngg WWiitthh KKddeennlliivvee -- PPaarrtt 44

Although we’ve touchedon effects that you canapply to a clip, we’ll go abit more in-depth on

clips in this article.

First, let’s import a clip. Anotherway to add a clip is to right-click inthe clips area and choose ‘OnlineResources’ – which will give you asearch window of free clips tochoose from. The dropdown menulets you choose from audio/video/graphic libraries, and you can entersome text to filter the list of thingsto import.

I’m going to import my ownvideo clip, and apply some effectsto it. The first effect I’m going toapply is Add Effect > Crop andTransform > Pan and Zoom. This isan effect which can be animated,which is something we touched onbriefly last issue. Just like lasttime, we add a keyframe and applysome settings. Do that severaltimes and you have an animatedeffect. So, what I’ve done is made akeyframe 5 seconds in, andanother at 8 seconds in.

First, click the ‘synchronise withtimeline’ button (chain links) tomove your effect slider with thetimeline slider. I’ve not touchedthe settings for the 5sec keyframe,but I’ve upped the zoom level onthe 8sec keyframe, and adjustedthe X and Y values to center thesubject a bit. What this means isthat the video plays normally for5secs, then, from the 5sec mark tothe 8sec mark, it’ll spend thosethree seconds zooming in to my8sec keyframe. Of course, youdon’t have to zoom, you could justas easily track your subject withoutthe zoom.

The only problem with effectsis that not all of them can beanimated. The best gauge I cangive is to look through the effectsavailable, and, if it says‘keyframeable,’ then it candefinitely be animated. Someeffects can have keyframes, but

full circle magazine #67 27 contents ^

Ronnie is the founder, and editor, ofFull Circle, an official Ubuntumember, and part-time artist whosework can be seen at:http://ronnietucker.co.uk

HOWTO - KDENLIVE Pt 4

you’ll have to apply them to see ifthey’ll do keyframes. If they can,they’ll have a small icon of astopwatch in the effect properties:

This blur effect can beanimated by clicking the stopwatchto apply a keyframe.

TIP: Clicking the eye icon besidethe effect name will hide it, whileclicking the down-arrow will hidethe properties of the effect untilyou click the arrow to reshowthem. Both are useful when youhave several effects taking upspace or CPU time.

If the time on a keyframe iswrong, you can click on thekeyframe and set the time on it

using the ‘Position’ slider. In thiscase, ‘Kernel size’ is the amount ofblur. In this blur example, I have itreally blurry at the start(00:00:00:00), and getting sharper,until it’s returned to normal atroughly the 7sec mark. I still havemy zoom and pan too.

Next issue we’ll start a newseries of Blender tutorials!

CCOODDEEWWOORRDD

Solutions are on the second last page.

Every number in the grid is 'code' for a letter of the alphabet.Thus the number '2' may correspond to the letter 'L', for instance.All - except the difficult codeword puzzles - come with a fewletters to start you off

Puzzles are copyright, and kindly provided by,The Puzzle Club - www.thepuzzleclub.com

full circle magazine #67 28 contents ^

HHOOWW--TTOOWritten by Mark Crutch IInnkkssccaappee -- PPaarrtt 77

At the end of last month'sarticle, I promised thatwe would take a look atthe too pristine hat

that's adorning our now-lumpysnowman. The hat was added wayback in the second instalment ofthis series, when all we could drawwere ellipses and rectangles, and isa good example of how a fewcarefully chosen objects can foolthe eye into seeing shapes thataren't really there. Here's how itlooks when removed from thesnowman's head and rotated alittle:

There's obviously an ellipse atthe top, and another for the brim,but what of the main body of thehat? With your new knowledge

from last month, it would be easyto create by just converting arectangle to a path, and curvingthe top and bottom segments, butthis version pre-dates that insightby several months. Exploding thehat into its constituent partsmakes things a little clearer:

The body is just a rectanglewith an ellipse peeking out frombeneath it. By giving themmatching gradients we couldcreate the illusion of a singleobject. The curve at the topdoesn't exist at all, it's just anoptical effect created by puttingthe rectangle behind the ellipsethat forms the top of the hat.

Fooling the eye for artisticeffect can be very useful, but, inthis case, it was really just aworkaround for our lack ofInkscape skills. It would be better ifthe body of the hat was just oneobject with one gradient. Ourcomplete hat would then consistof an ellipse for the top, an ellipsefor the brim, and a path for thebody. We could do that byconverting the rectangle to a pathand changing the bottom edge to aBézier curve:

But we've already got the shapewe want in the outline formed bythe rectangle and ellipse. What wereally want to do is to combine

those objects into a single path. Inorder for Inkscape to know whichitems we want to combine, ourfirst step is to select them both.Switch to the selection tool, clickon the rectangle, and then holddown SHIFT while clicking on theellipse. The status bar should tellyou that you have “2 objects oftypes Rectangle, Ellipse” selected.If not, use Edit > Deselect (or justclick on the background, awayfrom any other objects) in order toclear your selection, then try again.Once you're happy that you've gotthe right two objects selected, usethe Path > Union menu entry(CTRL-+) to combine your objectsinto a single path:

full circle magazine #67 29 contents ^

HOWTO - INKSCAPE Pt7

If you zoom in closely you'llnotice that our new path isn't quiteas perfect as we would like. Somemisalignment of the ellipse to therectangle has resulted in extranodes being created that we'llneed to manually edit using theNode tool. Creating paths fromother objects in this way can be afast way to get the basic outline ofa shape, but usually you'll need todo some manual editingafterwards.

As well as adding shapestogether to form a single path, wecan also subtract them, cutting oneshape out from another. Lookingat the top of the hat, we could usethe ellipse to cut away a curvedsection. You don't need to be amathematical genius tounderstand that 1-2 doesn't giveyou the same result as 2-1.

Similarly subtracting a rectanglefrom an ellipse won't give you thesame result as subtracting anellipse from a rectangle, soInkscape needs some way ofknowing which object is the onewe're removing, and which is theone we're removing it from. This isdone using the stacking order.

The stacking order was brieflymentioned back in the first part ofthis series: objects within Inkscapecan sit 'on top of' each other, withones at the top of the stackobscuring those below (assumingthey're all fully opaque). Whenyou've got an object selected usingthe Selection tool you can move itup and down the stack using thesefour buttons on the tool controlbar:

To cut one object from another,the shape that is being removed

must be on top of the other object– in our case the ellipse needs tobe on top of the rectangle-with-a-curved-base. It's probably alreadyon top in the stack, but it doesn'thurt to get into the habit of alwaysmoving your cutting object on top

of the object to be cut. This is easyto achieve by selecting the ellipseand using the last of the fourbuttons to bring it right to the topof the stacking order. Now youneed to position the ellipse to cutout the shape you want – in thiscase overhanging the edge of therectangle. With that done it's asimple case of selecting bothobjects and using Path >Difference menu entry (or CTRLand the minus key) to subtract theellipse from the rectangle:

Unfortunately there are acouple of problems with the result:the first is that, once again, wehave some rogue nodes that willneed to be manually tidied up; thesecond is that our ellipse has nowcompletely disappeared! That's aside effect of the Path >Difference operation: the objectyou are cutting out is also removedin the process.

Press CTRL-Z (or use Edit >Undo) to restore your ellipse backto its pre-cut status. Now selectjust the ellipse and use Edit >Duplicate (CTRL-D). This will createa copy of the selected object(s) atexactly the same location on thecanvas, but at the top of the stack.It's worth getting used to thekeyboard shortcut for this as it's aparticularly useful feature – it notonly gives you a disposable copy ofyour cutting object to use, but alsosaves you having to manually moveit to the top of the stack. It evenleaves the new object selected, soyou just have to SHIFT-click on theobject to be cut, then use Path >Difference. Now our formerrectangle has a curved base and acurved top, and we still have anellipse to form the lid.

full circle magazine #67 30 contents ^

Mark has been using Linux since1994, and uses Inkscape to createtwo webcomics, 'The Greys' and'Monsters, Inked' which can both befound at:http://www.peppertop.com/

HOWTO - INKSCAPE Pt7But still there's a problem. A

close look at the join between thecurved rectangle and the lid showsa thin line showing through fromthe canvas or objects below.Inkscape uses “anti-aliasing” whenit draws your objects. This tries toapproximate edges that don't fallprecisely on pixel boundaries bydrawing a thin, translucent line togive the visual impression of asmooth curve. Usually it workswell, but when two suchboundaries meet it can lead to aslight gap where you don't reallywant one.

There are a couple of solutionsto this anti-aliasing issue: we couldadd a stroke to one or both of theobjects to cover up the gap, butthat's not always appropriate anddoesn't help if the problem objectsalready have strokes; alternativelywe could avoid relying on ourobjects perfectly abutting oneanother by making one of themoverlap the edge of the other. Inthis case we don't really need therectangle to have a curved top –we already had the visual effectwe were looking for with theellipse sitting on top of therectangle.

Let's CTRL-Z back to our

straight-topped hat. It may seemthat we've gone round in circles,but, along the way, you've learnedabout Path > Difference, the visualissues that anti-aliasing cansometimes cause, and the fact thatsometimes it's better to drawsomething that looks right, even ifits underlying structure isn't aspure or correct as you might like.Before finally reassembling the hatit might be worth adding somecreases and crumples using thepath tools from last month:

While you were in the Pathmenu looking for Union andDifference, you probably noticedthe other entries groupedalongside them: Intersection,Division, Exclusion and Cut Path.Together all these form the“Boolean” path operations –named after 19th Centurymathematician George Boole whoformulated the rules for combiningbinary data that underlie theseoperations. They all require twoobjects (though Union can workwith more than two), with theresult usually differing based on

which of the objects is higher inthe stack. The above tabledemonstrates the effect ofapplying each of these operationsto an overlapping square andcircle, and shows the difference inresults depending on which ofthese objects is on top of the other(in the case of Division and CutPath the resultant objects havebeen separated slightly to make iteasier to see the effect of theseoperations).

With a bit of practice theseBoolean operations will allow youto produce complex paths from afew simple shapes. They provide a

fast way to produce rough initialoutlines that you can then tweakwith the node tool into somethingmore refined. But don't dismissthem solely as a blunt instrumentfor coarse construction work: theycan also be used to sculpt andshape with the precision of ascalpel.

full circle magazine #67 31 contents ^

HHOOWW--TTOOWritten by Michael R. Youngblood WWeebb DDeevv -- CCRRUUDD PPtt33

As our CRUD (Create,Read, Update, Delete)continues, we are goingto jump right on in. I

want to show you how to useJavaScript itself before we rewritethe app with JQuery.Understanding the language ismore important than how to usethe libraries.

One of the first functions wewill write is going to be a very wellused one. You might actually wantto save this for future use. Thefunction needs to look at thedocument object, search for ids,and return the one you are lookingfor. First, we start out by creating afunction that takes one argument,we’ll call it ge for “get element”. Tocreate a function you simply write:

function ge(id) {

// code here

};

Now that we have a function,we need to write the code. We aresearching the document objectmodel for an id, which the

document object has a functionfor. So let’s bring the results ofthat function into a variable andreturn it.

// gets an element by its idfrom the document objectmodel (DOM)

function ge(id) {

var theElement =document.getElementById(id);

return theElement;

};

The line that starts with // iscalled a comment. This line is tohelp coders keep track of what isgoing on in their code, and allowthem to leave notes for otherpeople using their code.

The next thing is that we needto handle the form when thesubmit button is pressed. First, weneed to give an id to the formitself. Let’s call it “ubuVersFrom”.So now, the open form tag shouldlook like this: <formid='ubuVersForm'>. We need toadd just one more id to our HTML

form. Our submit button shouldhave an id of submit (‘ id='submit'‘). Your form button should nowlook like this: <input type="submit"name="submit" id='submit'value="Add" />.

So now that we have our formset, we can move back to theJavaScript. The JS contains in itsfirst line an alert to tell us that ourJS file is connected. This is prettyannoying when we are testing, solet’s change that to a consolelog—so we can see it if we want to,and forget about it if we don’t.Next, we create a variable thatcontains the form element we aregoing to be using and manipulatinglater; let’s call that ‘form’. Hint: wecreated a function to get elementsby id a little earlier in this article.

So, coding is a lot like logicalthinking. Think of how you wouldtell yourself what needs to happen.If the submit button is pressed,then do process the form. Thatmeans we are going to need tohave something that attaches afunction (let’s call it processForm)to the button. Browsers can be

tricky, and there are a fewdifferent ways to code somethings, and I want to show yougood uses of if/else coding... so, weare going to link the function tothe button two different ways, butonly once. Sounds funny, but it willall make sense.

Let’s start out by creating anif/else statement:

// Handle form event

if (argument) {

// do something

} else {

// do something else

};

If statements look very easy,but it’s also easy to lose track ofwhat is going on, so commentingthese heavily from the start isgoing to save you headaches downthe road. I know I want to fall backon the old and reliableaddEventListener, this (next page,top left) will then be in our elsestatement.

full circle magazine #67 32 contents ^

Michael Youngblood has been in theindustry of web design anddevelopment for 13 years. He hasbeen working for a world widewireless tech corp for six years and isworking on his bachelor’s of sciencein mobile development.

HOWTO - WEBDEV

Earlier, I had you create avariable that holds the formelement. It should have lookedsomething like this: var form =ge('ubuVersForm');. This is veryuseful now, because we can see ifthe browser let us look at what wecan do, what it contains, etc. Weare going to look for anattachEvent object within our formelement (below). If the browserallows it, let's use it.

We are almost ready to tryeverything out, only one problemnow. We need to write theprocessForm function. No sense inadding it to the submit button if it

doesn’t exist, right? Start bycreating a new function calledprocessForm (above right), withone argument, and make it returnfalse. Now that you have afunction, the first thing we want tohappen is to stop all defaultactions the browser knows to take.Again, we only want to do this ifthe browser allows for it. To do thiswe use a object calledpreventDefault.

The above code pulls in theform element (as formElement)that you had tied to the event,checks if the browser allows forpreventDefault, and does

preventDefault if it does. The ifstatement is on one line in thiscase because it is such a simplecheck and run. You could put thison multiple lines, and add an elsestatement, and maybe console log,if it doesn’t allow preventElement.You could also add console logs tothe if/else statement to attach thefunction to the submit event.

We covered quite a bit of stuffthis month. The following is anupdate of how your code shouldlook now. Thank you for followingalong, I would love to see what youguys have now, or

questions/comments that youmight have. Feel free to share viatwitter @aliendev2 and/orhashtag #FCMWebDev.

The full code is on PasteBin at:http://pastebin.com/pV6RGmBg

// Handle form eventif (argument) { // if the browser allows for attachEvent

// attach processForm function to trigger when submit button is pressedform.attachEvent("submit", processForm);

} else { // if not then lets just add the ol' event listener// when submit is triggered, run the processForm functionform.addEventListener("submit", processForm);

};

// Handle form eventif (argument) {

// do something} else { // if not then lets just add the ol' event listener

// when submit is triggered, run the processForm functionform.addEventListener("submit", processForm);

};

// process formsfunction processForm(formElement) {

if (formElement.preventDefault) {formElement.preventDefault() };

console.log(‘form has been processed.’);

// Return false to prevent the default form behaviorreturn false;

};

full circle magazine #67 33 contents ^

HHOOWW--TTOOWritten by Ronnie Tucker WWrriittee FFoorr FFuullll CCiirrccllee MMaaggaazziinnee

Guidelines

The single rule for anarticle is that it mustsomehow be linked toUbuntu or one of the

many derivatives of Ubuntu(Kubuntu, Xubuntu, Lubuntu, etc).

Rules

• There is no word limit for articles,but be advised that long articlesmay be split across several issues.

• For advice, please refer to theOfficial Full Circle Style Guide:http://url.fullcirclemagazine.org/75d471

• Write your article in whicheversoftware you choose, I wouldrecommend LibreOffice, but mostimportantly - PLEASE SPELL ANDGRAMMAR CHECK IT!

• In your article, please indicatewhere you would like a particularimage to be placed by indicatingthe image name in a newparagraph or by embedding the

image in the ODT (Open Office)document.

• Images should be JPG, no widerthan 800 pixels, and use lowcompression.

• Do not use tables or any type ofbold or italic formatting.

If you are writing a review,please follow these guidelines :

When you are ready to submityour article please email it to:articles@fullcirclemagazine.org

Translations

If you would like to translateFull Circle into your nativelanguage please send an email toronnie@fullcirclemagazine.org andwe will either put you in touch withan existing team, or give youaccess to the raw text to translatefrom. With a completed PDF, youwill be able to upload your file tothe main Full Circle site.

REVIEWS

Games/ApplicationsWhen reviewing games/applications please state clearly:

• title of the game• who makes the game• is it free, or a paid download?• where to get it from (give download/homepage URL)• is it Linux native, or did you use Wine?• your marks out of five• a summary with positive and negative points

HardwareWhen reviewing hardware please state clearly:

• make and model of the hardware• what category would you put this hardware into?• any glitches that you may have had while using the hardware?• easy to get the hardware working in Linux?• did you have to use Windows drivers?• marks out of five• a summary with positive and negative points

You don't need to be an expert to write anarticle - write about the games, applicationsand hardware that you use every day.

UPDATED!

full circle magazine #67 34 contents ^

https://spideroak.com

Get 25% off any SpiderOak packagewith the code: FullcirclemagFans

full circle magazine #67 35 contents ^

AASSKK TTHHEE NNEEWW GGUUYYWritten by Copil Yáňez

Hi, everyone! Welcomeback to Ask the NewGuy!

If you have a simple question,and want an answer that doesn’trequire grad school, contact me atcopil.yanez@gmail.com.

Today’s question comes to usfrom anonymous poster SchmopilSchmanyez who asks:

Q: How do I make my desktoplook like a Terminator’s heads-updisplay?

A: Good question, Schmopil! Andmay I add that I can tell by yourquestion you are one handsomedevil.

If you’re reading my column,then you’re either an Ubuntuneophyte like me, or you’re just amasochist who loves seeing theEnglish language butchered innovel ways. If you’re the former,and using Ubuntu is a relativelynew experience, then you mightnot understand the appeal of

tweaking your desktop to make itlook like it’s been taken over by theghost of TRON.

But you will, trust me. See,using Ubuntu is like playing a videogame. The main campaign isusually fun and exciting, but thereare also achievements to beunlocked along the way.

The first achievement to unlockis, of course, installing Ubuntu.Hopefully this magazine, and theplentiful resources online, haveshown you how drop-dead simpleinstallation can be. Let’s put it inManspective (the uniquely malepoint of view that is three partsaction movie, one part porn, zeroparts reality): installing Ubuntu isakin to showering before a date.Yes, it takes a little bit of time. Yes,most people proceed in a similarfashion (hair, pits, ugly bits). And.yes, the process can go horriblywrong if you’re not careful. Insteadof coming out smelling like an Irishhillside, and looking like a well-kept arboretum, you can come outcovered in your own blood andbegging for death. I hear you

saying, “That will. Never. Happen.To me.” Well, I thought the samething until this morning. Justsayin’.

Once that main achievement isunlocked, the vast majority of first-time users proceed like a dragon-hunter in Skyrim. Learn The Way ofthe Voice? Check. Gain ElderKnowledge? Check. Defeat Alduin?Check and done. Ubuntu is thesame way. Install Ubuntu? Check.Compose Mail? Check. OpenBrowser? Check and done.

Unless you have a problem witha scanner, or can’t print, yourUbuntu campaign will be worry-free, and you’ll have no reason tocheck in with the forums or askquestions of barely literatecolumnists in otherwiseoutstanding magazines.

But just off the main campaign,there are less-traveled avenues toexplore, backcountry roads wherethe local dialect is spoken in banjo,and moonshine is the coin of therealm. In the Skyrim example, theside-quests let you get married,

build a house or adopt a child.

(A quick note: Skyrim’s side-quests are what happens when youleave forty-year-old programmersunchecked. I half expect there tobe a quest to maximize myretirement holdings.)

Ubuntu has its own hiddenachievements; side-quests thattake advantage of your growingskill. Schmopil is asking about oneof the most popular unlockableachievements in Ubuntu: thecustomized desktop.

You can find examples all overthe web. You can also see someamazing desktops just by turningto the “My Desktop” pages of thismagazine. Look at those beauties!There’s so much eye candy I wantto stick myself with an insulin pen!

But what’s really amazing ishow easy it is to do some basictweaking that will make yourfriends and family think you’vesecretly joined an evil society benton world domination, and yourhumble desktop is the command

full circle magazine #67 36 contents ^

center.

Here’s how.

First, let’s show you a “Before”image of my desktop (right).

Look at it. All sad and boringlike me in high school. But not toworry, we’re about to give this badboy a Silkwood shower!

First, let’s add a moreinteresting background, oneworthy of the souped up,practically sentient operatingsystem we’re working with.

Go online and find an image youlike. It can be anything. Maybeyou’re really into cars. Or rocketships. Or dinosaurs. This is no timeto censor your inner kindergartner,go ahead and have fun. The bestpart is that you can always changeit to something else later.

Found something you like?Good, save it to your Picturesfolder.

Now go to your desktop andright click. A window pops up inUbuntu 12.10 giving you theoption to Change DesktopBackground. Click that. In the new

window, click on the pull-downthat says Wallpapers and selectyour Pictures folder.

Find the image you want andselect it. Boom! You justcustomized your background. Youcan play with the pull down thatsays Zoom and see how thataffects your wallpaper. Onceyou’ve found a look you like, clickon the Behavior tab at the top ofthat window.

One of the fun things aboutUbuntu is that you can go for a

really slick, uncluttered look.Under Behavior, you can tellUbuntu to hide the icon strip onthe left side of your screen whenyou’re not using it. To do this, justswitch the button next to Auto-Hide Launcher from Off to On. TheLauncher disappears but isavailable at any time by simplymoving your cursor all the way tothe left side of your screen.

Neat, right?

Okay, close the window andtake a look at your handiwork.Here’s mine:

Aw, HELLS YEAH! My computerjust locked the pod bay doors,Dave!

Amazing how just a tiny bit oftweaking can give your computer awhole new look and feel. In mycase, the look and feel of apsychotic artificial intelligence.

Next, we’re going to add somebling that will not only make yourdesktop look like it just steppedout of the Matrix, but will also giveyou useful information aboutwhat’s going on under the hood.

One of the neatest little gemsin the Ubuntu mine is a programcalled Conky(http://conky.sourceforge.net/).The description says it’s a systemmonitor. But that’s like sayingLouboutins are shoes. There’s somuch more to it than that.

By tweaking Conky’sconfiguration file (which is just afancy way of saying, “Telling Conkywhat to do”), you can bring yourdesktop to glorious life.

First let’s install Conky. Do itfrom the terminal so you maximizeyour Ubuntu bad-assery. Press

ASK THE NEW GUY

full circle magazine #67 37 contents ^

CTRL-ALT-T to open a terminalwindow, and type:

sudo apt-get install conky-all

Once you enter your passwordand Conky finishes installing, run itby typing:

conky

A display appears on yourdesktop, sitting over whateverwallpaper you chose. Below iswhat the default Conky setuplooks like on my desktop.

Holy guacamole, I’m actuallystarting to fear my desktop.

Awesome!

Conky gives you real-timeupdates about how much memoryyou’re using, the programs you’rerunning, how hard your computer

is working, etc. This is NOT themachine you take to the nursinghome where you volunteer to helpthe residents check email. It’s themachine you take to your highschool bully’s house to show himhow hard you got over the years. Ifwe did nothing else, we’d still havethe most intimidating desktop onthe block.

But remember thatconfiguration file thingy Imentioned? You can tweak thesettings that tell Conky what todisplay and how to display it. Bychanging the config file, you canget some of the incredibledesktops shown in FCM: “MyDesktop”. Let’s see if we can’t havesome fun.

The first thing we want to do ishave Conky start whenever youboot up your computer. To do this,click on the Dash Home and typeStart into the search field. You’relooking for an Application calledStartup Applications.

Click on that. In the windowthat comes up, click Add.

Where it says Name, type conky.Where it says Command, typeconky. Yeah, I know this iscomplicated stuff; try to keep up.

Click Add and then close thewindow. Now, whenever you startyour computer, Conky starts up aswell.

Time to play with that configfile. Start with a fresh new terminalwindow and a clean prompt bytyping SHIFT-CTRL-T. At theprompt, type

cd /etc/conky/

We’re telling Ubuntu to ChangeDirectory to the Conky folder. Nowtype:

ls

You should see a list of filesincluding one called conky.conf. Inthat file are all the commands thatcontrol how Conky looks and whatit displays.

We’re going to play with thatfile and see how it affects ourConky window. Before we do that,let’s copy the file and create abackup in case we bork the wholething and need to get back to ouroriginal setup. To do this, type:

sudo cp conky.confconkybackup.conf

We just told Ubuntu to Copy thefile conky.conf and name the newfile conkybackup.conf. Now we cantweak the original file but restorethe defaults if we get in trouble(I’ll show you how later).

Time to play. To open up theConky configuration file, type

gksudo gedit conky.conf

Gedit is a standard text editor(you can use whatever you prefer),and we’re telling it to open theconky.conf file. By using sudo, andentering your password whenprompted, you are giving yourselfpermission to change the

ASK THE NEW GUY

full circle magazine #67 38 contents ^

Copil is an Aztec name that roughlytranslates to “you need my heart forwhat again?” His love of women’sshoes is chronicled atyaconfidential.blogspot.com. Youcan also watch him embarrasshimself on Twitter (@copil).

conky.conf file.

Scroll through the conky.conffile. Any line that starts with a # isignored by Conky. When you seesomething like ‘alignment top_left’you can probably guess what thatdoes. Let’s live on the edge andchange ‘alignment top_left’ to‘alignment top_right’ and see whathappens.

Click Save and close the geditwindow. Back in your terminal,type:

conky

If you restart your computer atthis point, the changes to theconky.conf file will take effect andyou will see only one Conkywindow at the top right.

But don’t restart yet. You canmake even more radical changes tothe conky.conf file – and thenrestart once you’re happy withhow everything looks.

Let’s go back to playing. Get theconky.conf file open again bytyping:

gksudo gedit conky.conf

What can we put in there? Youcan find some fun examples here(http://ubuntuforums.org/showthread.php?t=281865&highlight=desktop+screenshot). That thread hasover TWO THOUSAND PAGES ofcustom Conky config files you canuse!

I picked the first one, copied thecode and pasted it over the text inmy conky.conf file. You can do thesame. From the following link, copyand paste the lines of code intoyour conky.conf file (make sure youget all of it and completely replacewhat was already in the file):http://pastebin.com/Bda2V62Q

Click save and close gedit.

Open a new Terminal windowand type:

killall conky

Then type:

conky

Killall terminates the originalconky session so you can run itagain with the new setup. Ifeverything went to plan, youshould see something like this

Now how cool is that?! Thecorrect answer is ALL. All cool.

This is just the beginning! Thereare ways to tell Conky to displayweather, use pretty graphics,display data horizontally, etc. Youcan even call up multiple Conkywindows and place them indifferent areas on your screen! Gograpenuts!

There’s a TON of resources formaking Conky look incredible but

also give you useful updates. Startwith this Ubuntu community page(https://help.ubuntu.com/community/SettingUpConky) and then lookaround for interesting desktops.

By the way, you’ll seereferences to a .conkyrc file.Creating a .conkyrc file works justas well as what I did here. I preferbacking up the conky.conf file andthen tweaking it directly justbecause it keeps me in the samedirectory as my backup in case Imess up. I’m less likely to getconfused that way. But dowhatever works for you.

Have fun making your computerlook like Hal from 2001! But just,you know, hang on to a spare set ofkeys for the pod bay.

ASK THE NEW GUY

full circle magazine #67 39 contents ^

LLIINNUUXX LLAABBWritten by Charles McColm 1122..1100 oonn aann HHPP 66771100bb NNootteebbooookk

For years, we’ve had a bit ofa giggle, poking fun atMicrosoft wheneverthey’ve done something

even remotely bad, like collectingusage data. With the release ofUbuntu 12.10, it’s Canonical’s turnto do something shockingly bad, bysending your keystrokes toFacebook, Amazon, and otherpartners. It’s a feature that’sturned on by default. Even worse,there’s no consent windowwarning you Canonical is going torecord your Unity dash searchkeystrokes, only a tiny info buttonat the bottom-right of the dashwhich leads to a quite scarylooking notice (right).

This “feature” can be turned offvia the Privacy panel in SystemSettings, but it’s on by default andnot very obvious unless youhappen to click on that small infobutton.

If you can get past that, there’sa lot going on in this new release.

I tested Ubuntu 12.10 on an HPCompaq 6710b notebook which

has a Core 2 Duo T7100 1.8 GHzCPU (2 cores), 2 GB RAM, IntelGM965 graphics (256 MB), and an80 GB hard drive.

The installation went offwithout a hitch, and no work wasrequired to get the wirelessworking. The only feature on thenotebook which didn’t work out-of-the-box was the integratedfingerprint reader. Unityperformance is good with 2GB of

RAM. It feels a bit snappier than12.04 did, and I rarely getapplication crashes, though theydo happen sometimes.

The first obvious change is theaddition of the ability to remotelylog in to another machine via RDP,directly from the login screen. Thismeans you don’t actually have tobe logged in to the computersitting in front of you to remotelylog into another computer, a handy

feature in mixed networks whereyou have to log into Windowsmachines.

The next obvious change is theaddition of the Amazon store tothe Unity panel, which lead me tofinding out about Unity’s new webapplication integration. Popularwebsites like Gmail, Facebook, andOMGUbuntu are better integratedinto Unity: a pop-up appears askingif you want to install. Integrationadds features like being able toaccess your messages from themail drop down at the top of thescreen.

Social networks are alsointegrated better in Ubuntu 12.10.Not only do networks appear inthe top panel, but they’researchable through the Unity lens,if you have the networkconfigured. This is a really handyfeature when you’re trying toremember who tweeted aparticular message hundreds oftweets ago. I tested searchingidenti.ca messages.

Perhaps the coolest feature

full circle magazine #67 40 contents ^

LINUX LAB

that’s been added is the ability topreview certain content in Unity,music for example. Right clickingon search results brings upinformation about the music, andsometimes a preview of the music.Occasionally, parts of entirealbums can be previewed beforepaying to download the music.

Preview also works for movies,pictures, and documents, thoughpreviews for movies actually openup Firefox and run on Youtube.Picture preview allows you toemail the previewed picture, buthere’s where some of that webapplication integration falls down.Picture/Document attachmentsdefault to Thunderbird (which Ididn’t have set up) rather than

Google Mail.

The Ubuntu Software Centrehas video previews for someprograms. The video previews Ichecked out were all throughVimeo, a strange mix usingYoutube in the Unity lens and

Vimeo in USC. Software Centrevideo previews can be expanded tofull-screen. I spoke with friendsusing Ubuntu 12.04 and Ubuntu12.10, and the few who have beenbuying apps said they haven’t hadany problems so far.

Ubuntu 12.10 is animprovement from a performancestandpoint. Canonical hasintroduced a few new features, butthe features need work beforethey are really useful. And, forsome of those features, sendingkeystrokes toAmazon/Facebook/etc, Canonicalshould get a slap on the wrist.

Charles is a step-father, husband,and Linux fan, who hosts a not-for-profit computer refurbishingproject. When not breakinghardware/servers, he maintains ablog at:http://www.charlesmccolm.com/

full circle magazine #67 41 contents ^

CCLLOOSSIINNGG WWIINNDDOOWWSS AAddddiinngg FFoonnttss

Written by:Ronnie Tucker (KDE)Jan Mussche (Gnome)Elizabeth Krumbach (XFCE)Mark Boyajian (LXDE)

Every now and then, you’llwant to add some pizazzto your Word documentor presentation. This is

usually done by adding fonts toyour Windows XP system. It’s assimple as giving XP a folder offonts (bottom left in the aboveimage) and clicking OK. The fontswill be added to your system andbe available to any application thenext time the app is loaded.

Kubuntu

Kubuntu (and KDE in general)makes it even easier to add a font.Simply right-click any Windowscompatible font file and choose toopen it with KFontView:

This will give you a preview ofthe font, and, if you wish to installthe font, simply click the ‘Install...’button at the bottom right of thewindow.

Gnome-Shell

When using Gnome, there is asemi-automatic way of installingextra fonts. Simply use theSoftware center. Type font or TrueType Font in the search field, andyou’ll get a list of all fonts availablein your system. Choose the one youwant to install and let the programdo the rest.

Another way is to downloadfont files and store them in yourhome directory. Now double-clickthe file (with extension fon, fnt, ttc,ttf or otf), and you see examples ofthe lettertype. At the bottom-right,you can click on the button InstallFont. If everything could be thatsimple!

With gnome-tweak-tool, it ispossible to change the default fontfor certain items. Open theprogram and click in the left

column on Fonts. Now it is possible

to change the default font,monospace, document font, andwindow title font. Also you can setthe values for hinting andantialiasing.

full circle magazine #67 42 contents ^

Xubuntu

Given the minimalist approachof the file manager in Xfce, there isno automatic way of installingfonts in Xubuntu. However, it onlytakes a few steps to install a fontmanually.

To install a font on your wholesystem, you can do the following:

Open the file manager (thunar)as an administrative user with thiscommand:

gksudo thunar

Navigate to /usr/share/fonts/,create a new folder for your fonts,and move your .ttf files to it.

Close thunar and run thiscommand for the system to pick upthe changes:

sudo fc-cache -f

Alternatively, if you wish toinstall (or restrict access to) thefont for only your own use, you cando the following:

Create a .fonts/ directory inyour home directory and move

your .ttf files to it.

Then, for the system to pick upthe changes, just run:

fc-cache -f

Now your new fonts should beavailable to your applications anddesktop environment.

Lubuntu

As with Xubuntu above, there isno “automatic” processing toinstall fonts in Lubuntu. In fact, theprocess in Lubuntu is virtually thesame as in Xubuntu, so thereseems little point to reiterate whathas already been competentlydocumented [under Xubuntu]. Twoquick points of distinction,however, for Lubuntu:

In Lubuntu, the file manager isPCManFM. You can open PCManFMas superuser in one of two ways:

From the command line, enter:

gksudo pcmanfm

You are then prompted for yourroot password. Upon providingyour password and clicking OK (orpressing Enter), PCManFM will

open – along with a small dialogbox which states: Error PermissionDenied.

This is extremely misleadingbecause the message is wrong! Youdo, in fact, have permission andPCManFM is, in fact, running asroot, so treat it with respect!Simply click OK in the dialog box toclose it, and you are ready tonavigate your file system as rootusing PCManFM.

One important caveat: you willnotice that the path field is“blacked out” with a red “bang” atthe left end of the field. To behonest, I have no idea what theactual intent of this behavior issupposed to accomplish other thanto remind you that you are running

as root (and that’s a very importantvisual aid!); however, I discoveredthat triple-clicking in the path fieldwill reveal the path string. In fact,once you’ve triple-clicked in thisfield, it can be used as in a“normal” (i.e. non-root) instance ofPCManFM; however, each time thepath changes, you need to triple-click in the field again to reveal itscontents. If all this is intended toconstantly remind you that you arerunning as root, then that’sfantastic; otherwise, it can be a bitof nuisance.

You can, of course, openPCManFM as a user from the GUI(Accessories > File Manager), andthen invoke a root instance. OncePCManFM is open, you cannavigate to any folder, then, from

CLOSING WINDOWS

full circle magazine #67 43 contents ^

the menu bar, select Tools > OpenCurrent Folder as Root. You willthen be prompted for your rootpassword, and a new instance ofPCManFM will open as root. Unlikeopening as root from thecommand line, you are notprovided with the misleadingdialog box; however, all otherfunctionality is the same.

NOTE: Once you have a rootinstance open, you will have rootprivileges to any folder/file towhich you navigate! Rootprivileges are not limited only tothe folder from which you invokedthe root instance of file manager,even though that seems to beimplied by the menu title (“OpenCurrent Folder as Root”). Bewarned!!

You are not limited to installingonly .ttf font files in the fontsdirectory (either the systemdirectory or the user directory);you can also install .otf (OpenTypeFont) font files and they will work,too.

A quick comment on fonts andfont management in minimalistdistros like Lubuntu: There is awonderful font managementprogram available in most

repositories called FontyPython.This lovely little program excels atmanaging your installed fonts,displays a preview of selectedfonts, and allows you to create“Pogs”: custom collections offonts. And, as if that’s not enough,the “Monty Python” parallels arecarried throughout the application;quite humorous.

So, even though Lubuntudoesn’t come with “fancy” fontpreviewing software preinstalled,it’s a snap to drop it in and geteven more nifty functionality (likePogs), not to mention clever“Python-isms”.

CLOSING WINDOWS

QUICK MY STORY

In 2007 my husband bought me a laptop as a surprise. It was anAcer Aspire loaded with Vista. I struggled with it for about sixweeks and got more and more frustrated facing 'Allow or Deny?'at almost every step.

I had been using computers for quite a long time at that point,starting with an Apple and Win3.1 back in the early 90s, working up toan iMac at home and Windows at the university where I was working.

I'd been a member of an online forum where I became friends withthe tech guy of a company in the mid-west. He'd been talking to mefor a while about Linux, in his personal life and also on the companycomputers. So much of what he said was intriguing that I started tothink that maybe I could try Linux, too.

One October weekend in particular I'd had enough. I startedlooking through various websites trying to get a sense of what flavorof Linux was the easiest to use for newbies, had the best support asfar as technical information and moral support for those with noprevious experience. Everything pointed to Ubuntu. I downloaded 7.04and dumped Vista.

My Acer was equipped with wireless, but it wasn't working. Istarted investigating that and learned more about my system in thattime than I had previously learned about PCs. Then the "Update"dialog popped up and I was notified that 7.10 was available. Idownloaded all the updates and restarted. The system came back on,and I just happened to be staring at the indicator area when the wiredicon went out and was replaced with a wireless icon! I was hookedright there, and was a happy convert after that.

Amanda Makepeace

full circle magazine #67 44 contents ^

MMYY SSTTOORRYY

This story begins at thebeginning of 2010. I wasbroke at the time, so I wastrying to find a free

operating system. I neededsomething that could run on myPCs at home. I had searched on theInternet, but found nothing usefulfor a long time. But one day I wasat Barnes and Noble, and I saw amagazine for Linux. Although I hadheard of Linux before, I never

thought of it as something I wouldever be able to use. When I askedpeople whom I knew werecomputer professionals, I was toldit was for people who wereexperts, and it was difficult to use.I never heard anything positiveabout it. I am so amazed that Ihadn’t came across it sooner.

When I read the magazine, Ibecame exposed to Ubuntu 9.10,

Karmic Koala. It sounded so good,as if it was exactly what I waslooking for. As a result, I got veryexcited, took it home, and to mysurprise had such an easy timeinstalling it to my PC that I decidedto run it along with Windows XP asa dual boot system. All I did wasput the live CD in the drive and theinstructions were step-by-step—you would have to be prettyslow to not understand how to setthings up.

Since then, I have been verysatisfied with Ubuntu in general,and I have been able to check outlater versions of it from 10.04 to12.04.

Anthony Venable

The day I got my brand newCompaq laptop from mylocal tech shopping mall, Ibought some blank CDs to

do some burning of the UbuntuOS. I had also done a little bit ofreading about installing Ubuntubefore that. It was, errrr, a

nightmare revisited!

Firstly, my friend Faizalrecommended that I install theNetbook version 10.10—withoutknowing that it should be fornetbook, not laptop! I wentthrough the installation process,and... BAMM! Display resolution allwrong; no sound; no nothing! I was,like, OMG, here I go again!

When I related my terriblenightmare to Faizal, he said it couldbe a version problem. Netbookshave limited support in terms ofhardware. I was, like, ok, yeah, thatmakes sense to me. I proceeded toinstall the Desktop version 10.10,and, BAMM again—another displayresolution all wrong, still no sound,I got the X Server bootup problembut it wouldn’t auto boot to GUI.

I combed through the Ubuntusupport forum online, looking foranswers and solutions. Perhapssomeone out there has done itbefore, and has the answers I amlooking for? It had been the 5thday since I started my venture withUbuntu. Sleepless nights—digging

full circle magazine #67 45 contents ^

MY STORYthe internet and the UbuntuSupport Forum for an answer. Noluck in my editing of configurationfiles, driver updates, or newpackages installation.

I posted a help call in Ubuntu FBtwice, and suddenly some Chinesefellow told me to re-compile theKernel to an older version. A bit ofa blur, I Google up the Kernelversion. I got the answer that it’san older version of Ubuntu version10.04. I reposted my question tothe Chinese fellow and he told methat it’s the only way to get mylaptop running and speaking tome. Well, if that’s the solution toend my sleepless nights andnightmare, let it be.

I got Ubuntu 10.04 LTS, andready for a final showdown! It hasto work this time or I might go MIAagain! After the installation ended,I rebooted my laptop and waited awhile as I searched for morepossible answers online with myold laptop. It booted straight intoGUI with beautiful colors but nosound coming from my AltecLansing. I tried plugging in thesound port, and I could hear softmusic. I knew my laptop was tryingto speak to me. Back to combingthrough Ubuntu Support forum

again. I got a suggestion toupgrade the ALSA and Realtekdrivers to the latest versions.

I rebooted and then a soundcame from my new laptop! It wascalling, talking to me! I was, like,OMG! It was the most beautifulsound coming from my new AltecLansing laptop since I had boughtit a week previously. As it bootedup, it continued to go straight intothe GUI. Then I double-checked thedisplay resolution, webcam, USBconnection, WIFI, and it was ALL

PERFECT! As I started to venturearound the Ubuntu system, I finallyfelt at peace! It was already on the7th day that I was able to sleep asilent night. I felt happiness and joythat my journey of the re-entry hasbeen completed.

After a few more days of toyingand playing with the system, I gotmy Ubuntu to look like a Mac OSX!How cool is that? WAY COOL I say! Imanaged to post on Twitter, FB,chats, emails, played a few simplesmall games, and it all worked just

fine. All the while, the systemnever hung or froze like my oldlaptop, which was pretty annoying.Linux, it’s so good to see you againmy old friend. There you are. I amglad that I haven’t lost all of myLinux touch yet!

I have now upgraded to 12.04.Some bugs in Gnome are stillfighting inside with Unity, and it’s awork-in-process to find a fix now.

Margaret Chong

full circle magazine #67 46 contents ^

MMYY OOPPIINNIIOONN

PCMAG.COM had an articleentitled “Clearing Up 5Windows 8 Confusions”that made me do some

thinking:http://www.pcmag.com/article2/0,2817,2411466,00.asp. Most peopleout there use computers (desktopor laptops), and carry either asmartphone or tablet or someportable device. Now, we are usingdifferent operating systems onthese devices. Some of the mostpopular ones are Android, iOS, andWindows. Besides the OS, we alsouse different desktops.

This article talked aboutconfusions in Windows 8, but wealso have confusions about otherthings that we use. When we thinkabout Tablet OS or PC OS, there isa difference here as well. Forexample, if you are using Androidon a tablet: it works great with atouch-screen, but, when you use amouse and keyboard, you run intoproblems. Just try the navigationkeys and shortcut keys, and youwill see what I mean.

Now, in Windows 8, you find the

new style (formerly known asMetro) vs. desktop. One isdesigned to work with touch-screens, and the other to workwith PCs with a desktop. The sameis true with an OS designed forthings like Android Touch Screendevices. Remember, Android isLinux-based. Thus it is open-sourceand there are many versions ofAndroid. For example, my wife hasa Chromebook with GoogleOS—which is Android. But thisdoes not have a touch-screen, soAndroid can be designed to workwith devices without touch-screens. At this point, I need tomention that, if you have a Nexus7, you are running Google Androidthat is designed for touch-screendevices.

So, what is the differencebetween Windows 8 and WindowsRT? Keep this in mind when youthink of Win RT; it is purely a tabletversion of Windows 8. This is nodifferent than my Android (Linux)running on my B&N Nook, which isdesigned for a touch-screen device.

Now, with all this talk about

touch-screen devices with their OS,I must mention that Apps need tobe developed to run on thesedevices, e.g., Angry Birds. You canfind this app on the B&N onlinestore for the Nook, Amazon storefor the Kindle and many otherdevices, and Google store for theNexus 7. And now we have aWindows 8 store with apps for WinRT devices. Remember this fact,that these apps are developed forall these touch-screen devices, andnot for desktops and laptops.

If you are using the GoogleChrome Browser, you can run someof the same apps that run onGoogle Chromebook. I know thisfor a fact because I do it myself. Iam not a developer, but Iunderstand that there is adifference in the design of theseapps from programs that run oncomputers. The way things worktoday are different than a fewyears ago. Previously, you turnedyour computer on and your OSloaded. When you were at yourdesktop, you started your word-processor and started typing.Everything was on your computer.

Now, you turn on your computer,your OS loads. You go to your WebBrowser, click on an app likeGoogle Docs, and start typing.Everything is in the cloud. This isthe future.

All this time that I have beenwriting about Windows 8, Android,etc, I've had Ubuntu Linux in theback of my mind. Right now, thingsare like this: I have my laptoprunning Ubuntu, and my tabletrunning Android. I don't run myAndroid apps on my laptop, and Idon't run my laptop programs onmy tablet. But I am lookingforward to the day when I can havea machine that runs the sameapplications. So, no matterwhether I use it on a laptop ortablet, I will be on the same page.Yes, Windows 8 is designed to dothis, but, remember I said you haveWindows 8 and you have WindowsRT. However, with Ubuntu with theUnity desktop, you will be able torun it on your tablet, TV, Phone,Computer, and other devices. And,as far as I know, you will be able torun the same programs. This is theway it should be.

Written by Irv Risch

full circle magazine #67 47 contents ^

WWHHAATT IISS......Written by Wikipedia

I hope this will become a newcolumn. I’d like to use this space toshow articles that take a singlesubject and explain (briefly, andsimply) the history, some behind-the-scenes information, and howthe software we use interacts withthe chosen subject. Send yourarticles toarticles@fullcirclemagazine.org

Here are some ideas to help getyou creative: newsgroups, IRC,BitTorrent, email, theweb, video

codecs, the kernel, graphics

tablets...

Pretty Good Privacy (PGP)is a data encryption anddecryption computerprogram that provides

cryptographic privacy andauthentication for datacommunication. PGP is often usedfor signing, encrypting anddecrypting texts, e-mails, files,directories and whole diskpartitions to increase the securityof e-mail communications. It wascreated by Phil Zimmermann in

1991.PGP and similar products follow

the OpenPGP standard (RFC 4880)for encrypting and decryptingdata.

Design

PGP encryption uses a serialcombination of hashing, datacompression, symmetric-keycryptography, and, finally, public-key cryptography; each step usesone of several supported

algorithms. Each public key isbound to a user name and/or an e-mail address. The first version ofthis system was generally knownas a web of trust to contrast withthe X.509 system, which uses ahierarchical approach based oncertificate authority and which wasadded to PGP implementationslater. Current versions of PGPencryption include both optionsthrough an automated keymanagement server.

Compatibility

As PGP evolves, PGP thatsupport newer features andalgorithms are able to createencrypted messages that olderPGP systems cannot decrypt, evenwith a valid private key. Thus, it isessential that partners in PGPcommunication understand eachother's capabilities or at leastagree on PGP settings.

Confidentiality

PGP can be used to sendmessages confidentially. For this,PGP combines symmetric-keyencryption and public-keyencryption. The message isencrypted using a symmetricencryption algorithm, whichrequires a symmetric key. Eachsymmetric key is used only onceand is also called a session key. Thesession key is protected byencrypting it with the receiver'spublic key thus ensuring that onlythe receiver can decrypt thesession key. The encryptedmessage along with the encrypted

PPGGPP EEnnccrryyppttiioonn

full circle magazine #67 48 contents ^

WHAT ISsession key is sent to the receiver.

Digital signatures

PGP supports messageauthentication and integritychecking. The latter is used todetect whether a message hasbeen altered since it wascompleted (the message integrityproperty), and the former todetermine whether it was actuallysent by the person/entity claimedto be the sender (a digitalsignature). Because the content isencrypted, any changes in themessage will result in failure of thedecryption with the appropriatekey. The sender uses PGP to createa digital signature for the messagewith either the RSA or DSAsignature algorithms. To do so,PGP computes a hash (also called amessage digest) from theplaintext, and then creates thedigital signature from that hashusing the sender's private key.

Web of trust

Both when encryptingmessages and when verifyingsignatures, it is critical that thepublic key used to send messagesto someone or some entity

actually does 'belong' to theintended recipient. Simplydownloading a public key fromsomewhere is not overwhelmingassurance of that association;deliberate (or accidental)impersonation is possible. PGP has,from its first versions, alwaysincluded provisions for distributinga user's public keys in an 'identitycertificate' which is alsoconstructed cryptographically sothat any tampering (or accidentalgarble) is readily detectable. Butmerely making a certificate whichis impossible to modify withoutbeing detected effectively is alsoinsufficient. It can preventcorruption only after thecertificate has been created, notbefore. Users must also ensure bysome means that the public key ina certificate actually does belongto the person/entity claiming it.From its first release, PGP productshave included an internalcertificate 'vetting scheme' toassist with this; a trust modelwhich has been called a web oftrust. A given public key (or morespecifically, information binding auser name to a key) may bedigitally signed by a third partyuser to attest to the associationbetween someone (actually a username) and the key. There are

several levels of confidence whichcan be included in such signatures.Although many programs read andwrite this information, few (if any)include this level of certificationwhen calculating whether to trusta key.

The web of trust protocol wasfirst described by Zimmermann in1992 in the manual for PGP version2.0:

As time goes on, you willaccumulate keys from other

full circle magazine #67 49 contents ^

WHAT ISpeople that you may want todesignate as trusted introducers.Everyone else will each choosetheir own trusted introducers. Andeveryone will gradually accumulateand distribute with their key acollection of certifying signaturesfrom other people, with theexpectation that anyone receivingit will trust at least one or two ofthe signatures. This will cause theemergence of a decentralizedfault-tolerant web of confidencefor all public keys.

The web of trust mechanismhas advantages over a centrallymanaged public key infrastructurescheme such as that used byS/MIME but has not beenuniversally used. Users have beenwilling to accept certificates andcheck their validity manually or tosimply accept them. Nosatisfactory solution has beenfound for the underlying problem.

Certificates

In the (more recent) OpenPGPspecification, trust signatures canbe used to support creation ofcertificate authorities. A trustsignature indicates both that thekey belongs to its claimed owner,

and that the owner of the key istrustworthy to sign other keys atone level below their own. A level 0signature is comparable to a webof trust signature since only thevalidity of the key is certified. Alevel 1 signature is similar to thetrust one has in a certificateauthority because a key signed tolevel 1 is able to issue an unlimitednumber of level 0 signatures. Alevel 2 signature is highlyanalogous to the trust assumptionusers must rely on whenever theyuse the default certificateauthority list (like those included inweb browsers); it allows the ownerof the key to make other keyscertificate authorities.

PGP versions have alwaysincluded a way to cancel ('revoke')identity certificates. A lost orcompromised private key willrequire this if communicationsecurity is to be retained by thatuser. This is, more or less,equivalent to the certificaterevocation lists of centralized PKIschemes. Recent PGP versionshave also supported certificateexpiration dates.

The problem of correctlyidentifying a public key asbelonging to a particular user is

not unique to PGP. All public key /private key cryptosystems have thesame problem, if in slightlydifferent guise, and no fullysatisfactory solution is known.PGP's original scheme, at least,leaves the decision whether or notto use its endorsement/vettingsystem to the user, while mostother PKI schemes do not,requiring instead that everycertificate attested to by a centralcertificate authority be acceptedas correct.

Security quality

To the best of publicly availableinformation, there is no knownmethod which will allow a personor group to break PGP encryptionby cryptographic or computationalmeans. Indeed, in 1996,cryptographer Bruce Schneiercharacterized an early version asbeing "the closest you're likely toget to military-grade encryption."Early versions of PGP have beenfound to have theoreticalvulnerabilities and so currentversions are recommended. Inaddition to protecting data intransit over a network, PGPencryption can also be used toprotect data in long-term data

storage such as disk files. Theselong-term storage options are alsoknown as data at rest, i.e. datastored, not in transit.

The cryptographic security ofPGP encryption depends on theassumption that the algorithmsused are unbreakable by directcryptanalysis with currentequipment and techniques. Forinstance, in the original version,the RSA algorithm was used toencrypt session keys; RSA'ssecurity depends upon the one-way function nature ofmathematical integer factoring.Likewise, the symmetric keyalgorithm used in PGP version 2was IDEA, which might, at somefuture time, be found to have apreviously unsuspectedcryptanalytic flaw. Specificinstances of current PGP, or IDEA,insecurities—if they exist—are notpublicly known. As current versionsof PGP have added additionalencryption algorithms, the degreeof their cryptographic vulnerabilityvaries with the algorithm used. Inpractice, each of the algorithms incurrent use is not publicly knownto have cryptanalytic weaknesses.

New versions of PGP arereleased periodically and

full circle magazine #67 50 contents ^

WHAT ISvulnerabilities are fixed bydevelopers as they come to light.Any agency wanting to read PGPmessages would probably useeasier means than standardcryptanalysis, e.g. rubber-hosecryptanalysis or black-bagcryptanalysis i.e. installing someform of trojan horse or keystrokelogging software/hardware on thetarget computer to captureencrypted keyrings and theirpasswords. The FBI has alreadyused this attack against PGP in itsinvestigations. However, any suchvulnerabilities apply not just toPGP, but to all encryptionsoftware.

In 2003, an incident involvingseized Psion PDAs belonging tomembers of the Red Brigadeindicated that neither the Italianpolice nor the FBI were able todecrypt PGP-encrypted files storedon them.

A more recent incident inDecember 2006 (see United Statesv. Boucher) involving US customsagents and a seized laptop PCwhich allegedly contained childpornography indicates that USGovernment agencies find it"nearly impossible" to access PGP-encrypted files. Additionally, a

judge ruling on the same case inNovember 2007 has stated thatforcing the suspect to reveal hisPGP passphrase would violate hisFifth Amendment rights i.e. asuspect's constitutional right notto incriminate himself. The FifthAmendment issue has beenopened again as the case wasappealed and the federal judgeagain ordered the defendant toprovide the key.

Evidence suggests that as of2007, British police investigatorsare unable to break PGP, so insteadhave resorted to using RIPAlegislation to demand thepasswords/keys. In November2009, a British citizen wasconvicted under RIPA legislationand jailed for 9 months forrefusing to provide policeinvestigators with encryption keysto PGP-encrypted files.

History

Early history

Phil Zimmermann created thefirst version of PGP encryption in1991. The name, "Pretty GoodPrivacy", is humorously ironic andwas inspired by the name of a

grocery store, "Ralph's Pretty GoodGrocery", featured in radio hostGarrison Keillor's fictional town,Lake Wobegon. This first versionincluded a symmetric-keyalgorithm that Zimmermann haddesigned himself, namedBassOmatic after a Saturday NightLive sketch. Zimmermann had beena long-time anti-nuclear activist,and created PGP encryption sothat similarly inclined people mightsecurely use BBSs and securelystore messages and files. Nolicense was required for its non-commercial use. There was noteven a nominal charge, and thecomplete source code wasincluded with all copies.

In a posting of June 5, 2001,entitled "PGP Marks 10thAnniversary", Zimmermanndescribes the circumstancessurrounding his release of PGP:

"It was on this day in 1991 that Isent the first release of PGP to acouple of my friends for uploadingto the Internet. First, I sent it toAllan Hoeltje, who posted it toPeacenet, an ISP that specialized ingrassroots political organizations,mainly in the peace movement.Peacenet was accessible topolitical activists all over the world.

Then, I uploaded it to Kelly Goen,who proceeded to upload it to aUsenet newsgroup that specializedin distributing source code. At myrequest, he marked the Usenetposting as "US only". Kelly alsouploaded it to many BBS systemsaround the country. I don't recall ifthe postings to the Internet beganon June 5th or 6th.

It may be surprising to somethat back in 1991, I did not yetknow enough about Usenetnewsgroups to realize that a "USonly" tag was merely an advisorytag that had little real effect onhow Usenet propagatednewsgroup postings. I thought itactually controlled how Usenetrouted the posting. But back then,I had no clue how to post anythingon a newsgroup, and didn't evenhave a clear idea what anewsgroup was."

PGP found its way onto theInternet, and it very rapidlyacquired a considerable followingaround the world. Users andsupporters included dissidents intotalitarian countries (someaffecting letters to Zimmermannhave been published, some ofwhich have been included intestimony before the US

full circle magazine #67 51 contents ^

WHAT ISCongress), civil libertarians in otherparts of the world (seeZimmermann's publishedtestimony in various hearings), andthe 'free communications' activistswho called themselvescypherpunks (who provided bothpublicity and distribution), and,decades later, CryptoParty, whodid much the same via Twitter.

Criminal investigation

Shortly after its release, PGPencryption found its way outsidethe United States, and, in February1993, Zimmermann became theformal target of a criminalinvestigation by the USGovernment for "munitions exportwithout a license". Cryptosystemsusing keys larger than 40 bits werethen considered munitions withinthe definition of the US exportregulations; PGP has never usedkeys smaller than 128 bits, so itqualified at that time. Penalties forviolation, if found guilty, weresubstantial. After several years,the investigation of Zimmermannwas closed without filing criminalcharges against him or anyoneelse.

Zimmermann challenged these

regulations in a curious way. Hepublished the entire source codeof PGP in a hardback book, via MITPress, which was distributed andsold widely. Anybody wishing tobuild their own copy of PGP couldbuy the $60 book, cut off thecovers, separate the pages, andscan them using an OCR program,creating a set of source code textfiles. One could then build theapplication using the freelyavailable GNU Compiler Collection.PGP would thus be availableanywhere in the world. Theclaimed principle was simple:export of munitions—guns, bombs,planes, and software—was (andremains) restricted; but the exportof books is protected by the FirstAmendment. The question wasnever tested in court with respectto PGP. In cases addressing otherencryption software, however, twofederal appeals courts haveestablished the rule thatcryptographic software sourcecode is speech protected by theFirst Amendment (the Ninth CircuitCourt of Appeals in the Bernsteincase and the Sixth Circuit Court ofAppeals in the Junger case).

US export regulations regardingcryptography remain in force, butwere liberalized substantially

throughout the late 1990s. Since2000, compliance with theregulations is also much easier.PGP encryption no longer meetsthe definition of a non-exportableweapon, and can be exportedinternationally except to 7 specificcountries and a list of namedgroups and individuals (with whomsubstantially all US trade isprohibited under various US exportcontrols).

PGP 3 and founding ofPGP Inc.

During this turmoil,Zimmermann's team worked on anew version of PGP encryptioncalled PGP 3. This new version wasto have considerable securityimprovements, including a newcertificate structure which fixedsmall security flaws in the PGP 2.xcertificates, as well as permitting acertificate to include separate keysfor signing and encryption.Furthermore, the experience withpatent and export problems ledthem to eschew patents entirely.PGP 3 introduced use of the CAST-128 (a.k.a. CAST5) symmetric keyalgorithm, and the DSA andElGamal asymmetric keyalgorithms, all of which were

unencumbered by patents.

After the Federal criminalinvestigation ended in 1996,Zimmermann and his team starteda company to produce newversions of PGP encryption. Theymerged with Viacrypt (to whomZimmermann had sold commercialrights and who had licensed RSAdirectly from RSADSI) which thenchanged its name to PGPIncorporated. The newly combinedViacrypt/PGP team started workon new versions of PGP encryptionbased on the PGP 3 system. UnlikePGP 2, which was an exclusivelycommand line program, PGP 3 wasdesigned from the start as asoftware library allowing users towork from a command line orinside a GUI environment. Theoriginal agreement betweenViacrypt and the Zimmermannteam had been that Viacrypt wouldhave even-numbered versions andZimmermann odd-numberedversions. Viacrypt, thus, created anew version (based on PGP 2) thatthey called PGP 4. To removeconfusion about how it could bethat PGP 3 was the successor toPGP 4, PGP 3 was renamed andreleased as PGP 5 in May 1997.

full circle magazine #67 52 contents ^

WHAT ISOpenPGP

Inside PGP Inc., there was stillconcern about patent issues.RSADSI was challenging thecontinuation of the Viacrypt RSAlicense to the newly merged firm.The company adopted an informalinternal standard called"Unencumbered PGP": "use noalgorithm with licensingdifficulties". Because of PGPencryption's importanceworldwide (it is thought to be themost widely chosen qualitycryptographic system), manywanted to write their ownsoftware that would interoperatewith PGP 5. Zimmermann becameconvinced that an open standardfor PGP encryption was critical forthem and for the cryptographiccommunity as a whole. In July1997, PGP Inc. proposed to theIETF that there be a standardcalled OpenPGP. They gave theIETF permission to use the nameOpenPGP to describe this newstandard as well as any programthat supported the standard. TheIETF accepted the proposal andstarted the OpenPGP WorkingGroup.

OpenPGP is on the Internet

Standards Track and is under activedevelopment. The currentspecification is RFC 4880(November 2007), the successor toRFC 2440. Many e-mail clientsprovide OpenPGP-compliant email

security as described in RFC 3156.

The Free Software Foundationhas developed its own OpenPGP-compliant program called GNUPrivacy Guard (abbreviated GnuPGor GPG). GnuPG is freely availabletogether with all source codeunder the GNU General PublicLicense (GPL), and is maintainedseparately from several GraphicalUser Interfaces (GUIs) that interactwith the GnuPG library forencryption, decryption and signingfunctions (see KGPG, Seahorse,MacGPG). Several other vendorshave also developed OpenPGP-compliant software.

Network Associatesacquisition

In December 1997, PGP Inc. was

acquired by Network Associates,Inc. ("NAI"). Zimmermann and thePGP team became NAI employees.NAI was the first company to havea legal export strategy bypublishing source code. Under NAI,the PGP team added diskencryption, desktop firewalls,intrusion detection, and IPsecVPNs to the PGP family. After theexport regulation liberalizations of2000 which no longer requiredpublishing of source, NAI stoppedreleasing source code.

In early 2001, Zimmermann leftNAI. He served as ChiefCryptographer for HushCommunications, who provide anOpenPGP-based e-mail service,Hushmail. He has also worked withVeridis and other companies. InOctober, 2001, NAI announced thatits PGP assets were for sale andthat it was suspending furtherdevelopment of PGP encryption.The only remaining asset kept wasthe PGP E-Business Server (theoriginal PGP Commandlineversion). In February 2002, NAIcanceled all support for PGPproducts, with the exception of therenamed commandline product.NAI (now McAfee) continues to selland support the product under thename McAfee E-Business Server.

Current situation

In August 2002, several ex-PGPteam members formed a newcompany, PGP Corporation, andbought the PGP assets (except forthe command line version) fromNAI. The new company was fundedby Rob Theis of Doll CapitalManagement (DCM) and TerryGarnett of Venrock Associates.PGP Corporation supports existingPGP users and honors NAI'ssupport contracts. Zimmermannnow serves as a special advisor andconsultant to PGP Corporation, aswell as continuing to run his ownconsulting company. In 2003, PGPCorporation created a new server-based product called PGPUniversal. In mid-2004, PGPCorporation shipped its owncommand line version called PGPCommand Line, which integrateswith the other PGP EncryptionPlatform applications. In 2005, PGPCorporation made its firstacquisition—the German softwarecompany Glück & Kanja TechnologyAG, which is now PGP DeutschlandAG. In 2010, PGP Corporationacquired Hamburg-basedcertificate authority TCTrustCenter and its parentcompany, ChosenSecurity, to form

full circle magazine #67 53 contents ^

WHAT ISits PGP TrustCenter division.

Since the 2002 purchase ofNAI's PGP assets, PGP Corporationhas offered worldwide PGPtechnical support from its officesin Draper, Utah; Offenbach,Germany; and Tokyo, Japan.

On April 29, 2010 SymantecCorp. announced that it wouldacquire PGP for $300 million withthe intent of integrating it into itsEnterprise Security Group. Thisacquisition was finalized andannounced to the public on June 7,2010. The source code of PGPDesktop 10 is available for peerreview.

PGP Corporationencryption applications

While originally used primarilyfor encrypting the contents of e-mail messages and attachmentsfrom a desktop client, PGPproducts have been diversifiedsince 2002 into a set of encryptionapplications which can bemanaged by an optional centralpolicy server. PGP encryptionapplications include e-mail andattachments, digital signatures,laptop full disk encryption, file and

folder security, protection for IMsessions, batch file transferencryption, and protection for filesand folders stored on networkservers, and, more recently,encrypted and/or signed HTTPrequest/responses by means of aclient side (Enigform) and a serverside (mod openpgp) module. Thereis also a Wordpress pluginavailable, called wp-enigform-authentication, that takesadvantage of the sessionmanagement features of Enigformwith mod_openpgp.

The PGP Desktop 9.x familyincludes PGP Desktop Email, PGPWhole Disk Encryption, and PGPNetShare. Additionally, a numberof Desktop bundles are alsoavailable. Depending onapplication, the products featuredesktop e-mail, digital signatures,IM security, whole disk encryption,file and folder security, selfdecrypting archives, and secureshredding of deleted files.Capabilities are licensed indifferent ways depending onfeatures required.

The PGP Universal Server 2.xmanagement console handlescentralized deployment, securitypolicy, policy enforcement, key

management, and reporting. It isused for automated e-mailencryption in the gateway, andmanages PGP Desktop 9.x clients.In addition to its local keyserver,PGP Universal Server works withthe PGP public keyserver—calledthe PGP Global Directory—to findrecipient keys. It has the capabilityof delivering e-mail securely whenno recipient key is found via asecure HTTPS browser session.

With PGP Desktop 9.x managedby PGP Universal Server 2.x, firstreleased in 2005, all PGPencryption applications are basedon a new proxy-based architecture.These newer versions of PGPsoftware eliminate the use of e-mail plug-ins and insulate the userfrom changes to other desktopapplications. All desktop andserver operations are now basedon security policies and operate inan automated fashion. The PGPUniversal server automates thecreation, management, andexpiration of keys, sharing thesekeys among all PGP encryptionapplications.

The current shipping versionsare PGP Desktop 10.2.0 (Windowsand Mac-OS Platforms), and PGPUniversal 3.2.0.

Also available are PGPCommand Line, which enablescommand line-based encryptionand signing of information forstorage, transfer, and backup, aswell as the PGP Support Packagefor BlackBerry which enables RIMBlackBerry devices to enjoysender-to-recipient messagingencryption.

New versions of PGPapplications use both OpenPGPand the S/MIME, allowingcommunications with any user of aNIST specified standard.

Further reading

Garfinkel, Simson (1991-12-01).PGP: PrettyGoodPrivacy. O'Reilly &Associates. ISBN 1-56592-098-8.

Zimmermann, Phil (1991-06).WhyIWrote PGP.(http://www.philzimmermann.com/EN/essays/WhyIWrotePGP.html)

full circle magazine #67 54 contents ^

full circle magazine #67 55 contents ^

BBOOOOKK RREEVVIIEEWWWritten by Lucas Westermann

T hink Like A Programmerby V. Anton Spraul(published by No StarchPress) is a 226 page, 8

chapter long book, of typical“technical manual” dimensions.That's essentially where thesimilarities to most technicalinstruction books end. As opposedto books like “Programming PHP”or “Beginning Python”, this bookdoesn't aim at teaching you aspecific programming language.

Indeed, it assumes a fair amount ofknowledge of C++. Which isn't tosay that knowledge is necessarilyrequired for this book. If you'recomfortable piecing together aworking knowledge of C++ throughexamples, or can convert solutionsinto a language you're morecomfortable with, it should stillprove rather enlightening. Afterall, the actual goal of this book isto introduce you to creativeproblem solving. Specifically, ittries to teach you a method ofapproaching complex problems,and to break it into its constituentparts, to allow you to make betterprogress.

Method

The first thing that struck meabout this book is the method withwhich they teach. The first chapteris dedicated solely to thestrategies for solving problems.They do this by offering puzzlesand riddles which, while solvable,aren't immediately answerable bythe reader. The reason for this isdue to the listener assumingimplications that don't exist. For

example, assuming the possibleactions listed in a problem are theonly actions you can take. Byexposing you to these sorts ofproblems from the beginning, theauthor is hoping to make you moreaware of the assumptions you'remaking. In doing this, you then alsobecome more aware of yourspecific method for answeringproblems, allowing you to betterfollow the later problems anddiscussions. The answers to eachpuzzle are also clearly explained inthe author's own methodology,while still encouraging the readerto explore other possiblesolutions. As such, I find this is oneof the most helpful books I'veread, due to the fact that it guidesyou towards designing a system foryourself, as opposed toencouraging a mindset wherethere can be only one correctmethod.

Excercises

Besides discussing thestrategies behind problem solving,this book also offers a slew ofactual exercises to solve using C++.

Obviously, almost all of theseproblems can all be solved in mostprogramming languages; theanswers supplied are simply in C++.Each successive chapter isdedicated to driving the originalstrategy home. This means that ithelps you to break down aproblem, to notice which sectionsof a problem you may have alreadyanswered, and how to keep up themotivation to solve a problem.However, each chapter focuses ona specific type of problem. Forexample, Chapter 2 is focused oninput, output and tracking thestate of a program, while Chapter6 focuses on recursion. Thisapproach to teaching helps cementthe basic strategies for solving theproblems, while helping you applythem to a multitude of practicalexamples. It also helps youunderstand certain aspects ofprogramming (especially in C++)that can sometimes be abstract, orconfusing to comprehend.

Diagrams

One aspect of the book that Ifound made it much more

TThhiinnkk LLiikkee AA PPrrooggrraammmmeerr

full circle magazine #67 56 contents ^

REVIEWapproachable is the liberal use ofdiagrams, tables, and thoughtprocesses. For example, for someof the more convoluted puzzles,the book usually offers a diagramto help explain what is meant. Thiscan help you to understand, butalso shows you how to translateword-based problems into visualrepresentations. As such, if you'rea big fan of visualization, or simplya visual learner, the method andexplanations in this book can beinvaluable.

Explanations

For those who are mostcomfortable with writtenexplanations, then you will alsonot be disappointed. The authorhas a writing style that is botheasily understandable, andenjoyable to read. As opposed tomost reference books, the authorimbues a certain level of life to hisprose, allowing otherwise dry andtechnical explanations to beentertaining.

Conclusion

Overall, I find this book is anexcellent addition to any library ofreference books, so long as you

sincerely wish to learn. If youapproach this book with the intentto learn as much about creativeapproaches to solving problems,you'll probably find that workingthrough this book goes muchquicker (and is much moreentertaining) than you might havefirst assumed. If, however, you'realready comfortable solvingcomplicated problems, or havelittle interest in developing anapproach to solving those sorts ofproblems, this book may be oflittle interest to you. For anyoneuncertain of which group theybelong to, I offer this advice: find aphysical copy of the book that youcan flip through, and lookingthrough Chapters 1 & 2 should giveyou a very good idea of what toexpect. If you have any specificquestions, you're welcome to emailme at lswest34@gmail.com, and Iwill do my best to answer them.

Lucas has learned all he knows fromrepeatedly breaking his system, thenhaving no other option but todiscover how to fix it. You can emailLucas at: lswest34@gmail.com.

nostarch.com

full circle magazine #67 57 contents ^

RREEVVIIEEWWWritten by Rich Dennis

XFCE has grown inpopularity as a desktopenvironment since therelease of the GNOME

3.x series and the controversialchanges it has made to a well-known and heavily used DE.Debian is rumored to beconsidering XFCE as the defaultdesktop for the upcoming 7.xrelease Wheezy. Respins (Re-Spins)and remasters featuring XFCE arebecoming increasingly common,due to XFCE’s intuitive interface,stability, flexibility, and ability toconform to a wide variety ofcontemporary and legacyhardware platforms.

Roberto Dohnert, BrianJohnson and Sebastian Wellscreated the first version of whatwould evolve through severaliterations into OS4 OpenDesktopin 2005—it was called OS4u andbased on Gentoo Linux, backed bya commercial developer. Fast-forwarding to 2008, after thedissolution of that partnership,Dohnert and PC / OpenSystemsLLC created the first version oftheir take on the Linux desktop,

PCOS 8.04 in 2008. Moving fromGentoo to an Ubuntu base offeredthe vast array of Debian apps andadvanced toolset as well asUbuntu's well-known ease-of-useand growing popularity. Ubuntuwas innovative and well-regarded.Fast-forward again to 2012:Dohnert will be releasing OS4OpenWorkstation 13 Update 1 onDecember 1 2012, which will be

based on Xubuntu 12.04 and theLinux 3.5.x series kernel. In thesefour years, the name may havechanged, but the importantelements have stayed the same forthis distro: an adherence to XFCE,ease of use, great hardwarecompatibility, a simplified butinnovative interface, and anexcellent set of defaultapplications.

Most recent Canonicalderivatives and respins have asimilar feel and generic look;Dohnert's vision for the desktophas always been unique andidiosyncratic. His first choices for aGUI were variations on interfacespopular at the time: NeXTStep,BeOS, AmigaOS and SGI Irix.Although the first versions ofPCOS in 2008 had a BeOS-stylelayout and theme, OS4 has movedtowards NextSTEP in itsappearance and overall theme. Inan interview published on thedistro's website—part of whichwas published online onDistrowatch.com—Dohnertmentioned his history with thevenerable OSX precursor and hishopes to leverage the stability ofthe Linux kernel to bring “ease ofuse to the desktop.” And a recentproblem with some members ofthe Amiga user community hasbeen resolved; OS4 13OpenDesktop includes integratedmodules for mounting AmiFSmedia, and the team has assistedAmigaOS in improving its ext4driver.

OOSS44 OOppeennWWoorrkkSSttaattiioonn

full circle magazine #67 58 contents ^

REVIEW

According to the newly createdinstallation guide, OS4OpenDesktop runs best onmachines of at least thesespecifications, and better on therecommended hardware :

32 bit system requirements /recommendations:Processor PIII 800 MHz / Intel CoreDuo or higherRAM 512 MB / 1 GB +Hard Drive 10 GB / 15 GB +Standard VGA adapter / 3DGraphics Card

64 bit system requirements /recommendations:AMD64 or Intel 64 1 GHz Dual CoreRAM 1 GB + / 2 GB +Hard Drive 10 GB + / 15 GB +Standard VGA adapter / 3DGraphics Card

The ISOs for the OS4OpenDesktop 13 32-bit and 64-biteditions weigh in at 1.3 and 1.4 GBrespectively. Once burned to aflash drive or DVD, the OS4 Live

session should prove familiar to anexperienced Ubuntu user, andintuitive to the newbie – bootingquickly to a serene blue desktopdecorated with the OS4 logo in theupper left hand corner. Dohnertcalls this environment theOpenDesktop Workspace Manager.While the usual XFCE icon sets andthemes are available, two customthemes, Graphite (the default) andSky, are included, and a customicon set, OS4 Visual Subsystem.The bottom panel, with a left-handnotification area and windowmenu, workspace switcher (2workspaces by default) in themiddle, and Orage clock on theright is called the applet bar. Thevertical, opaque panel on theupper right-hand side is called theShelf: it features a Trashcan on thebottom, Menu with icons that canbe dragged to the panel, and FileManager launcher on the top.

The system, based on Xubuntu12.04, is generally quick,responsive, and very stable. Thunar

is the default file manager andhandles the desktop: the XFCETask Manager shows typicalresource consumption (like itsparent, OS4 is very lean, averagingabout 11% processor usage onsingle-core Pentium 4 and 15%memory useage on 2.5 GB of RAMwhile writing this article onLibreoffice Writer with five tabsopen in Google Chrome), and, atthe epicenter, the SettingsManager for under-the-hoodchanges. The application selectionis typical, with a few interestingwrinkles: Nokia Maps is included,and the Nixnote Evernote client (apersonal favorite). OS4 includesthe Illumination Software Creator,designed by Brian Lunduke for thenovice programmer, and Eclipseand Netbeans for the moreadvanced coder. But the typicalarray of productivity software isincluded out-of-the-box, and theaverage user will find him-or-herself able to get to work almostimmediately with an enhancedsuite of Office-compatible and

Web-capable apps: GoogleChrome, the Evolution email andgroupware client, Abiword,Gnumeric, Orage. The inclusion ofRemastersys, to allow the creationof customized OS4 configurationsand full system backups, is anotherwelcome inclusion.

There are some differencesbetween OS4 and a typical XFCEdesktop : the top-level menu isabsent—right-clicking on thedesktop brings up the Applicationsmenu. Additionally, althoughthere's a minimized-window menuin the Applet bar, openapplications also iconize to thedesktop. Right-clicking on iconizedapps brings up the usual contextmenu, but these can't be moved toanother workspace or closed.Dohnert says that this is anupstream XFCE bug that will beaddressed in Update 1.

After examining the Livesession, and moving forward to

full circle magazine #67 59 contents ^

REVIEWinstalling the system, the stepsare, again, familiar and intuitive:selecting a timezone, configuringthe keyboard, partitioning thedisk(s), creating a user account.After these steps are completed,the new OS4 user is ready to getstarted browsing the Internet,enjoying their music libraries withgtkpod and Banshee, tweet withHotot, and get organized withEvolution.

The company is progressing. Ithas a wide user base and a newfour-man developmentteam—Dohnert, Cristobal Molina,Seth Forstal and Mike Vail. Theyoffer OS4 OpenDesktop as a freedownload, but also provide paidsupport for customers through theOS4 Store. They have alsodiversified from XFCE, offering aKDE version for European userswho demanded that particulardesktop environment and suite ofQT-based applications. OS4OpenServer is available also forthe small-business and homeserver market, and soon-to-come,Trusted OS4 1.0, featuring theNSA's Linux initiatives, DoD leveldrive wiping and encryptionsoftware, and access card controls.The team and their OS4 storefrontare responsive to their user base,

offering custom installs forparticular hardware configurations,and, for the purposes of thisarticle, Dohnert himself was veryhelpful and accessible. The mainversion will not be ignored ofcourse: plans to increasecompatibility with Apple hardwareand with recent updates to theAmigaOS, should make the futureof this distro bright.

Rich Dennis is a network engineer,aspiring writer and burgeoning Linuxenthusiast who prefers XFCE as adesktop environment generally andXubuntu 12.04 specifically.

QUICK REVIEWby Peter Liwyj

I t isn't often that a program totally suprises me. Mnemosynereally did. I thought it was a basic flash card program but the wayit presents the cards actually forces you to learn and retaininformation. Cards that you do know well are pushed to the

background and cards you do not know will show up more often.Mnemosyne will not waste your time on things you know but willcheck and make sure you haven't forgotten anything. Probably themost useful feature is that you can flip cards to make the questionsbecome answers, and answers become questions, effectively doublingthe card set and making you learn things backwards and forwards.

Mnemosyne is a flash card program that may appear very basicwhen you first look at it, but it actually has some very useful features.It supports different scripts so you can use it to learn languages withdifferent alphabets, three sided cards are supported, you can useLaTeX to write out math formulas and, if you need it, pictures, soundsand HTML can be attached. It can also run off a usb stick and can crossplatforms including Android and Blackberry devices, you don't have towaste your bus commute to school anymore.

There is a small community who have made card sets and postedthem on the Mnemosyne site for free download. Personally I havefound the act of making the cards helps you to better learn theinformation. So if you find yourself struggling with Latin and medicalterminology, or need to learn the hot key shortcutcommands for Blender, give Mnemosyne a try. Ithink you will quickly learn to respect this wellhidden and little known program with the strangename.

http://www.mnemosyne-proj.org

full circle magazine #67 60 contents ^

LLEETTTTEERRSSIf you would like to submit a letter for publication, complimentor complaint, please email it to: letters@fullcirclemagazine.org.PLEASE NOTE: some letters may be edited for space.

Actually...

I enjoyed the Ask The New Guycolumn for this month (onupdating packages), howeverthere is one minor error, and

one other thing I'd like to pointout. In the article, when Copil istalking about installing a programthrough the Software Center, hesays "Choose the software youwant from the results, and clickINSTALL. Once you give it yourroot password, the programinstalls." Actually it's yourpassword (as you don't use theroot account for anything)--not theroot password.

The other thing I'd like to pointout is that you can use sudo apt-get dist-upgrade (the differencebetween dist-upgrade and upgradeis that dist- will find and install anynew dependencies automatically).

Patrick

Nexus 7

I'm a big fan of the Nexus 7 -since getting one a fewmonths ago, it's become mymost used computer. But

there's one big thing missing fromthe otherwise well-designedhardware: video-out.

My Galaxy Nexus phone, forinstance, supports video outputthrough the USB port (after buyinga pretty inexpensive USB/HDMIadaptor). That doesn't work withthe Nexus 7, however.

The result - there's no way thatI'm aware of to view stored videoson a Hi-Def TV. In a more business-like (or education) context, there'sno way to display presentations orother material on a digitalprojector. And that makes it MUCHless useful in those business oreducation contexts where it wouldotherwise be a natural.

Alan Zisman

SoftMaker 2008 Office

Just to let everybody know,SoftMaker of Germany isgiving away theirSoftMaker 2008 office

suite which includes wordprocessing, spreadsheet,presentation, and VBA codingfunctions.

Normally this suite costs $100to $200, but the lesser version canbe found athttp://www.softmaker.de/lh-down-en.htm. Be aware that the site asksfor name and email address, atwhich time a serial number anddownload link is emailed. You canexpect at least one email per weekpitching an upgrade, but you canopt out after receiving the freebie.

Also, although it appears a 386.deb file is the only offering forLinux, my testing showed it worksjust fine on 64-bit versions, too. Inwork I've done with it, the suiteopens quicker than LibreOffice,and performs admirably.

Art Schreckengost

Magic Numbers

I've really been enjoying the"Closing Windows" series, andwas particularly excited when Isaw the topic of File

Associations (FCM#66). Afterreading it, I had the impressionthat Linux works just like Windows.This disappointed me, because Ithought that internally there was abetter system in Linux. I rememberseeing something about "MagicNumbers" that are supposed toplay some role in opening files,perhaps even getting rid of theneed for extensions. I'd love to seesomething in FCM discussing this.

Ernie DeVries

Join us on:

facebook.com/fullcirclemagazine

twitter.com/#!/fullcirclemag

linkedin.com/company/full-circle-magazine

ubuntuforums.org/forumdisplay.php?f=270

goo.gl/FRTMl

full circle magazine #67 61 contents ^

full circle magazine #67 62 contents ^

QQ&&AACompiled by Gord Campbell

If you have Ubuntu-related questions, email them to:questions@fullcirclemagazine.org, and Gord will answer them in a futureissue. Please include as much information as you can about your problem.

Q After installing Ubuntu12.10, then the NvidiaCurrent "AdditionalDriver", I have a shrunken

screen with no panel and nolauncher.

A (Thanks to RaduStoicaon Launchpad) Installlinux-headers-genericbefore installing nvidia-

current. Gord adds: the failure toinclude linux-headers-genericduring

installation is extremelypuzzling.

Q If I wanted to startubuntu 12.10 from a pendrive, what would be thebest size to buy?

A If you are going to usejust the pen drive toinstall Ubuntu, 1 GB isenough. If you are going

to run Ubuntu from the pen drive,4 GB or 8 GB are good. You arelimited to 4 GB of "persistent"space, so part of an 8 GB drive willbe wasted, but the cost differenceis minor.

Q When I try to startShotwell, nothinghappens.

A Try opening a terminal,and enter the command:

shotwell

If there is an error, it shouldappear. (And it did: "missing libraryfile". Reinstalling the library filegot Shotwell running.)

Q How can I stop mycomputer fromsuspending orhibernating while I am

running my backup program?

A (Thanks to PaddyLandau) Install Caffeine(https://launchpad.net/~caffeine-

developers/+archive/ppa), whichturns off sleep mode whileprograms that you specify arerunning.

Q Issue 64 of Full CircleMagazine hadinformation about theWirenet trojan. What

should we do about it?

A Seehttp://askubuntu.com/questions/181930/what-to-do-regarding-

backdoor-wirenet-1

In short, if you don't have aWIFIADAPT folder, you don't havethe trojan. If you create a read-only*file* with that name (in Home),the trojan can not be installed.(Note that the name is all upper-case.)

Q Can I install MicrosoftOffice 2007 usingPlayOnLinux, and have itautomatically open for

.DOC (and similar) files?

A Yes, see this tutorial:http://ubuntuforums.org/showthread.php?t=1940522

Q My computer hasmultiple hard drives in aRAID setup. Do I stillneed to do backups?

A Yes, you do! People willdelete files and thendecide they need them,and RAID provides no

protection against this.

Q Just installed Xubuntu12.10 on my laptop. Isthere a way to make thebattery applet show the

battery percentage or/and thetime?

A (Thanks to badhorse inthe Ubuntu Forums)Install xfce4-battery-plugin and add the new

battery item to your panel.

Q Sometimes VLC playsvideo fine, but there is noaudio.

full circle magazine #67 63 contents ^

Q & A

A Under Audio, there is a"mute" setting -- whichdoes not show if it isenabled! Try clicking on

it.

Q I've downloadedLibreOffice to install onan older release ofUbuntu that had

OpenOffice. I've removed OO.What directory should I extractLibreOffice to?

A Don't extract it, open itwith gdebi. (Right-clickon the downloaded file.)

Q My graphics card is annVidia GeForce4 TI4200with AGP8. I want to havedual mode with my

monitor at 1024x768 and the TV at800x600. I can't find an Nvidiadriver for my card which workswith the current Ubuntu.

A Your video card wasfirst produced morethan 10 years ago. Myrule of thumb is that PC

technology is good for seven years.

(I got a new computer in 1990,then a new computer in 1997, andagain in 2004. That one was passedto my wife, and she got a newcomputer in 2011.)

Q Where can I find somefree/cheap Linux stickers?I want to put tux on mynetbook.

A (Thanks to QuickSphinxin the Ubuntu Forums) Iended up buying 3 herefor 10 bucks:

http://tuxstickers.ptaff.ca/step1/?lang=en_CA

It really depends on yourlocation. Google can help. Kudos toSystem 76.

Q What's the secret forplaying iTunes podcastsin Ubuntu?

A To the best of myknowledge, Ubuntuusers have no access tothe iTunes Music Store.

If you want podcasts which areavailable only through iTunes, youreally need to run Windows or an

Apple OS.

I use Miro to collect and playpodcasts, including podcasts whichare available as RSS subscriptionsfrom web sites such as Revision3.There are other options in theSoftware Centre; Miro certainly isnot perfect.

Tips and Techniques

Distro Testing

On average, I have a look at onedistro or version of Linux a month.Over time, I've developed achecklist of things to try on mydesktop and laptop.

Video: Can I see a graphicalinterface? (No is a deal breaker!) Isthe monitor resolution correct?Can I install a proprietary driver?

Wireless: Does my wirelessadapter work?

Audio: Can I hear sound frommy earphones and, on my laptop,the speakers? Can I record audiousing Audacity?

Media: Can I play MP3s andFLACs? Can I watch Youtubevideos? Can I watch DVDs?

Firefox: Can I install extensionsto auto-select my choice ofresolution for Youtube videos, andto download Youtube videos?

Sharing: Can I access sharedfolders on other computers on mynetwork? Can I share a local folderfor other computers to access?

Printing: Can I easily use mynetworked Brother laser printer?

Webcam: Does Cheese workwith my webcam?

Camera: Can I transfer picturesfrom my elderly Canon DSLR andvideos from my video camera?

Conky: Can I display thetemperatures of variouscomponents, and other Conkygoodness?

Applets: Can I see the weatherfor my location? Can I access myDropbox folders?

Applications: Can I installGoogle Chrome, the Adobe Readerand Cinelerra from their respective

full circle magazine #67 64 contents ^

After a long career in the computerindustry, including a stint as editor ofComputing Canada and ComputerDealer News, Gord is now more-or-less retired.

Q & Asources?

Stability: Are there any crashesor other anomalies?

Shutdown: Do shutdown andrestart work as expected?

So now you're asking, how doesUbuntu 12.10 measure up? I'll lookat only the problem areas.

I installed a proprietary videodriver (nvidia current) on mydesktop computer, but it didn'tproduce a working system. Afterrebooting, I decided the fastestsolution was to reinstall and avoidthe proprietary driver. For 99% ofthe populace, this would be a dealbreaker, and the end of theirexperiment with Linux. (See theQuestion above on how this wasresolved.) My laptop, with ATIgraphics, did not offer aproprietary driver. (Oddly, the"additional drivers" in SoftwareCentre claimed my wirelessadapter was not working, butSoftware Centre was connectedusing that wireless adapter!)

When I ran my standard Conkyscript, the system would lock uphard in anywhere from 30 minutesto two hours. I'm still trying to

track down the problem. It's notjust Conky, the system locks upwhen I have not run Conky. I hadone session of more than 20 hoursbefore I did a normal reboot, but Ihave not been able to repeat it.

For DVD playback, I had to, asexpected, follow the instructionsfound here:https://help.ubuntu.com/community/RestrictedFormats

I downloaded the AdobeReader, and tried to install it usingSoftware Centre. An error messageflashed by much too quickly toread, then Software Centreoffered to install the application(again) -- with the same result. TheDash offered to run Adobe Reader,but it did not run. When I double-clicked on a PDF, nothinghappened. I could right-click on aPDF and select "DocumentViewer," and that worked.

I had one crash of Compiz,which required a restart.

All in all, not too terrible. If thatsounds like faint praise, it is. Sorry,I just want to get things done, notspend time debugging problemson my system. One area where Iobserved an improvement was in

transferring pictures from mydigital camera; in previousversions, it has been hit and miss. Ialso liked having it make thewireless connection while I typedin my password.

Here's a pleasant note to endon. When I built my desktopsystem, more than three years ago,I selected a D-Link DWL-G510 PCIwireless adapter. The result is thatI have never needed to connect anEthernet cable to the computer,the wireless has worked with everydistro or version of Linux I havetried.

Do you have suggestions to addto my checklist? Emailsuggestions/questions to:questions@fullcirclemagazine.org.

full circle magazine #67 65 contents ^

MMYY DDEESSKKTTOOPP

This desktop configuration runs on my laptop, home PC, andoffice PC. As you can see, I love screenlets. I use two MailScreenlets and two Calendar Screenlets: one is for personal useand the other for work.

Home PC (will soon be transformed into home server):Intel Core 2 Quad Q9300 2.5 GHz8 GB DD2 RAM2x120 GB, 2x250 GB, 1x1.5 TB HDDsASUS P5K Premium MotherboardATI Radeon 5770 Graphics

AnGeLoS

Your chance to show the world your desktop or PC. Email your screenshots andphotos to: misc@fullcirclemagazine.org and include a brief paragraph aboutyour desktop, your PC's specs and any other interesting tidbits about your

I’m a beginner to Ubuntu having first heard of Linux a year ago.My desktop uses Docky and Conky. Very simple.

OS: Ubuntu 12.04 LTS x64Processor: Intel Core i5 -2410 CPU, 2.3 GHzRAM: 6GiBGraphics: Intel HD graphics 3000

GTK+ Theme: ZukitwoWindow Theme: ZukitwoShell Theme: ZukitwoIcon theme: faenzaCursor: Shere Khan X

Cherry

full circle magazine #67 66 contents ^

MY DESKTOP

Been using Linux since 2009 and always exploring what comesout to not tie myself to just one spot.

Desktop: Moomex GTK2.x theme with Faenza-Darkest iconsalong with Docky. I adjusted the transparency—using Compizfor the panel and Ubuntu tweak for everything else.System Specs: Acer Aspire 5336 packed with Intel Celeron 900@ 2.20Ghz, 3GB of DDR3, 250GB HDD, and 64MB of IntelGMA4500M graphics (fancy huh?)OS: Ubuntu 10.04.2 LTS (Long Term Support) 64-bit "Lucid lynx"

System runs very quick, and is 100% reliable with Linux. My onlyissue is the backlight bug for these older Intel video chipsets onthe laptops, which is why I cannot upgrade. However, 10.04hasn't failed me yet, so I will stick with it until the machine dies.It's keeping me a very happy camper.

Donald McCulloch

The top panel is Docky and the Cinnamon theme is ICS. Thewallpaper should look familiar; it is actually the defaultwallpaper for Ubuntu 12.10, except that the hue was changedin Gimp. I use Microsoft Office only for compatibility on othercomputers, but I prefer LibreOffice. I use this laptop as my maincomputer—some light gaming like Sim Tower and Micropolis, aswell as writing and designing for school.

Operating System: 32 bit Linux Mint 13 Maya CinnamonIcons: Mint-X (Default)Gtk+ Theme: AdwaitaCinnamon Theme: ICSCPU: Intel Core 2 Duo 1.6 GHzRAM: 2 GBHDD: 200 GB (And shrinking)Computer Model: Fujitsu Lifebook A-Series

Keegan

full circle magazine #67 67 contents ^

PUZZLE SOLUTIONS

CO

DE

WO

RD

Codeword and 16x16 Suduko puzzles arecopyright, and kindly provided by, The PuzzleClub - www.thepuzzleclub.com

SU

DO

KU

full circle magazine #67 68 contents ^

HHOOWW TTOO CCOONNTTRRIIBBUUTTEEFull Circle Team

Editor - Ronnie Tuckerronnie@fullcirclemagazine.orgWebmaster - Rob Kerfiaadmin@fullcirclemagazine.orgPodcast - Les Pounder & Co.podcast@fullcirclemagazine.org

Editing & Proofreading

Mike Kennedy, Lucas Westermann,Gord Campbell, Robert Orsino,Josh Hertel, Bert Jerred

Our thanks go to Canonical, the manytranslation teams around the worldand Thorsten Wilms for the FCM logo.

FULL CIRCLE NEEDS YOU!A magazine isn't a magazine without articles and Full Circle is noexception. We need your opinions, desktops, stories, how-to's,reviews, and anything else you want to tell your fellow *buntu users.Send your articles to: articles@fullcirclemagazine.org

We are always looking for new articles to include in Full Circle. For help and adviceplease see the Official Full Circle Style Guide: http://url.fullcirclemagazine.org/75d471

Send your comments or Linux experiences to: letters@fullcirclemagazine.orgHardware/software reviews should be sent to: reviews@fullcirclemagazine.orgQuestions for Q&A should go to: questions@fullcirclemagazine.orgDesktop screens should be emailed to: misc@fullcirclemagazine.org... or you can visit our forum via: fullcirclemagazine.org

FCM#68Deadline:Sunday 09th Dec. 2012.Release:Friday 28th Dec. 2012.

EPUB Format - Recent editions of Full Circle have a link to the epub file on the downloads page. If you have any problems withthe epub file, you can drop an email to: mobile@fullcirclemagazine.org

Google Currents - Install the Google Currents app on your Android/Apple devices, search for 'full circle' (within the app) andyou'll be able to add issues 55+. Or, you can click the links on the FCM download pages.

Ubuntu Software Centre - You can get FCM via the Ubuntu Software Centre: https://apps.ubuntu.com/cat/. Search for 'fullcircle', choose an issue, and click the download button.

Issuu - You can read Full Circle online via Issuu: http://issuu.com/fullcirclemagazine. Please share and rate FCM as it helps tospread the word about FCM and Ubuntu Linux.

Ubuntu One - You can now have an issue delivered to your free Ubuntu One space by clicking the 'Send to Ubuntu One' buttonwhich is available on issues 51+.

Getting Full Circle Magazine: