| DistroWatch Weekly
|DistroWatch Weekly, Issue 62, 16 August 2004
Welcome to this year's 32nd edition of DistroWatch Weekly. Having survived a power blackout generated by an approaching typhoon, your intrepid web site maintainer has yet more exciting stories for you...
Yellow Dog Bites Back
Apple announced the availability of OS X 10.3.5 on August 10. However, OS X is not the only operating system that can run on the Macintosh, and on August 13 (Friday the 13th) Yellow Dog Linux decided to bite back by releasing version 4.0 RC2. YDL users were no doubt relieved - indeed, they were starting to get rather anxious as approximately 11 months had lapsed since the release of 3.0.1 (the current stable version). According to Yellow Dog developers, the reason for the long delay had much to do with the unsettled state of Red Hat/Fedora, upon which YDL is based. As regular readers of DistroWatch should know, Red Hat has undergone major changes in the past year, moving their product line into the commercial Red Hat Enterprise Linux while spinning off the freebie download version into the rapidly-developing Fedora project.
Yellow Dog Linux is a commercial product sold by Terra Soft Solutions, and the latest version 4.0 is available for download through YDL.net Enhanced (3.01 can can be obtained from free mirrors). Yellow Dog's drawcard is that it is unique among Linux distros - it is the only one designed exclusively to run on Macs (or more accurately, the PowerPC processor). Yes, there are other Linux distros that have been ported to PowerPC (Debian and Gentoo come to mind), plus NetBSD and OpenBSD, but only Yellow Dog has bet the ranch on the Mac architecture. So far the bet has paid off, as YDL has been around for five years now and appears to have the lead among Linux-on-Mac fans. YDL 4.0 RC2 will probably be the last release candidate - Yellow Dog developers are predicting that they'll have the final stable release ready for downloading in about another week.
This is probably as good a place as any for me to ask a question that has been fermenting in the back of my head for awhile. I don't own a Macintosh, but I am curious to know how the Linux/BSD experience on PowerPC stacks up when compared to the Intel x86 world. For those of you who own both a PowerPC and x86 box, what differences do you find when running Linux and/or BSD on these machines? Any advantages/disadvantages between the two? Inquiring minds want to know. And let it be stated that this is just a question, not a troll - I've actually been admiring some of those nice-looking iBooks and PowerBooks that I see in the shopping malls.
New Steganography Tool
In last week's Tips, Tricks and Hints, we discussed steganography, the art and science and hiding text messages in unexpected places (ie. inside of graphic, audio and video files). Now there is a new steganographic tool for hiding top-secret data inside of executable files. Hydan is the brainchild of Rakan El-Khalil, a computer science student at Columbia University in New York. El-Khalil revealed his new creation at CodeCon, a non-commercial IT conference held at a San Francisco nightclub.
The ability to place hidden messages inside of an executable binary is not a trivial accomplishment. In the case of graphic, audio and video files, the hidden text slightly impairs the visual or audio output, but so slightly that it's seldom noticeable. However, executable code is much less forgiving - normally, changing even one byte of binary code is enough to cause a program to crash. Yet Hydan not only manages to allow the binary to run properly, it even manages to contain the hidden payload without changing the executable file's original size. This seemingly impossible task is viable thanks to redundancies in x86 instruction code. That is to say, there are places where two instructions are the same, so it should be possible to replace one of them. However, such redundancies are far less common in executable binaries than in graphic, audio or video files. As a result, Hydan can only hide one byte of a text message in about 110 bytes of executable code. By comparison, other steganography programs such as Outguess can hide one byte of message in 17 bytes of a .jpeg file.
Hydan encrypts messages using the blowfish algorithm with a user-supplied passphrase. Though steganography is mostly used to hide information that some people would rather not share with the world, Hydan has some other functions: it can be used to embed a watermark or a digital signature in an executable file. Hydan is open source and will run on Linux and *BSD, but there is also a version for Windows.
Debian Installer RC1
The new Debian installation program RC1 (Release Candidate 1) for "Sarge" was released on 07 August. Download links can be found here. There is even a review of the new installer over at Linux.com.
It's seldom that publishing an installation program would make headlines, but in the case of Debian it's a monumental event. It has been a long time coming, as work on the installer began about four years ago. Debian "Woody" was released on 19 July, 2002, and many had anticipated that a new installer would be available then, but they were disappointed. The next release of Debian (code-named "Sarge") is anticipated for September, though that is not engraved in stone. The difficulty of creating an easy-to-use installer for Debian has much to do with the fact that Debian runs on 11 different architectures (alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, sparc, s390), and the developers have been adamant that the installation experience should be the same everywhere. This, apparently, is easier said than done.
In terms of packaged software, Debian is the largest of all distros, with over 16,000 packages in the "unstable" branch. However, the number of users actually running "pure" Debian may be much smaller than the super-sized package collection indicates. Rather, many people are using Debian-based distros (Knoppix, Xandros, Lindows, etc) which conveniently are compatible with Debian's monumental package collection.
The reason for this state of affairs is that Debian has long been notorious for its difficult-to-use installation program. Indeed, the current installer is so bad that it has given a significant boost to a whole cottage industry of Debian-based distros which tout "easy installation" as a major drawcard. Just how much the new and much-improved installation program will impact these other Debian-based distros remains to be seen. Of course, there is more to a distro than just its installer (easy-to-use system administration tools, for example).
One thing for certain - with the upcoming release of Sarge and the new installer, this is an exciting time for Debian users.
Linux at the Olympics
Friday the 13th marked the official (if inauspicious) start of the Athen's 2004 Olympics. Spectators can expect to see a lot of running, jumping and hitting balls with various objects - all in all, a very non-geeky event, though we'd venture to guess that some of the athletes have an unconfessed weakness for pizza deliveries.
That having been said, Linux will make a small but significant splash at this year's summer Olympics thanks to the BBC. According to this article, the British Broadcasting Corporation will use Linux to improve the speed and accuracy of rendering real time results. Leading the charge are British techies who have installed a bank of Linux computers at the International Broadcasting Centre (IBC) in Athens. The machines will receive real-time results in XML format, and then use SQL databases to store the data, which will then be piped to Macs running Linux apps that will render 3D graphics.
The Athens Olympics are likely just the first step. Jon Hanford, senior systems analyst at BBC, says that the system is being battle-tested at the Olympics, and if successful will likely be used at future sporting events. So next time you see a gymnast flexing his or her biceps in stunning 3D, remember the Linux developers who made it all possible. Now if we could only get some of those Olympic stars to wear DistroWatch T-shirts...
Linux Trademark Battle - Blasts from the Past
Though now mostly forgotten (if not forgiven), back in the bubble days of 1996, Linux Torvalds (with the help of his friends) fought a year-long legal battle to gain control of the "Linux" trademark. Linus - not being a trademark kind of guy - had neglected to register the name Linux with the US Patent and Trademark Office (USPTO). That proved to be a costly mistake when an individual by the name of William R. Della Croce, Jr. came out of the woodwork and started demanding 10% royalties on sales from businesses marketing Linux products. Della Croce, it seems, had registered the "LINUX" trademark for a computer operating system. This is despite the fact he was not a developer and was in no way associated with Linux. Details of the fiasco are outlined here.
A year later, a legal settlement was reached and Linus regained control of the Linux name. For the young software developer from laid-back Finland, the whole twisted nightmare was a rude introduction to the US legal system. An old article from Linux Journal explains how the case was resolved.
Unfortunately, the more things change, the more they stay the same - now somebody else is trying to register the Linux name (this time in Australia). However, it's unlikely that this case will get very far. Basically, what's happening is that a company calling itself Linux Australia Pty Ltd has been trying to register its name as a trademark, so far unsuccessfully. Australia's answer to the USPTO, IP Australia, has apparently heard of Linux and seems pretty sure that it wasn't invented Down Under. Another complicating factor is the existence of Linux Australia, Inc, an Aussie open-source organization that has been using the name as an unregistered trademark. Linux Australia has gotten in touch with Linux Torvalds and asked him to legally reassert possession of the Linux name. More details of this convoluted story can be found here.
What a world we live in. Before you know it, somebody will start trademarking common everyday English words like "windows" and "outlook".
Crippled XP At Discount Prices
Faced with high software prices, customers in at least some parts of the world have lately been deciding that they can do without Windows XP (or at least legally-licensed copies). Full-priced legal CDs containing Windows XP plus Office carry a combined price tag of nearly US$600. In wealthy countries that may be affordable (for most), but in developing countries it represents months of hard-earned wages. Not surprisingly, many of the non-wealthy decide that their best bet is to run pirated software.
The traditional response from the software industry has been to get their governments (usually the US government) to push, pull and issue dire threats of economic sanctions against the offending country for IPR violations. The traditional response from the offending countries has been fake compliance, with high-profile "crackdown cleanup" campaigns. Photos of seized pirate CDs being incinerated in front of approving Western software execs are front-page news in developing country newspapers. Occasionally they throw a few fake Rolex watches and Gucci handbags into the bonfire as well. After the execs head back to their five-star hotels or the airport, the street vendors unpack their newly-pressed Windows/Office CDs and flog them off to locals and tourists alike for US$2 a piece.
Of course, there is another option - the citizens of developing countries could run open source software. And increasingly, this is what they are choosing to do. Aside from costing nothing and being perfectly legal, they gain a few bonuses - freedom from viruses and "product activation", as well as the chance to cultivate a local pool of programming talent.
After bravely holding prices as high as possible for as long as possible, Microsoft finally decided to blink when sales of Linux went through the roof in Thailand. In order to stem the flood of defections, late last year Microsoft threw in the towel and dropped the price of the Thai edition of WinXP+Office to US$37, which is only about 6% of its former cost. Not surprisingly, the new bargain basement prices did not go unnoticed by other developing nations, and they too started demanding a discount.
Caught between a penguin and a hard place, Microsoft announced last week that, starting from October, it would offer a crippled version of Windows officially called "Windows XP Starter Edition." Unofficially, users are calling it "XP-Lite". Among the great new features it offers are lower-resolution graphics, fewer networking capabilities and reduced multitasking. A Microsoft press release called XP-Lite "a low-cost introduction to the Microsoft Windows XP operating system designed for first-time desktop PC users in developing countries." Aside from Thailand, Indonesia and Malaysia will qualify for the cut-rate deal, and there have been suggestions that Singapore be included too (though it is hardly a "developing country"). Other lucky winners in the software sweepstakes may include China and India, but Microsoft seems as yet undecided about this.
No sooner was the ink dry on the digital announcement than IT research firm Gartner published a report recommending that users "steer away" from the new XP-Lite. The Gartner analysts suggested that users would likely find the disabled features "frustrating", and concluded that the ironic result might actually be to increase piracy of Windows XP and Office.
It remains to be seen whether or not consumers in Asia will prefer XP-Lite or Linux. In Thailand, Linux has already gained an enthusiastic following, and Thai geeks are insisting that they won't be seduced by budget Windows. As others have pointed out, Microsoft's sudden generosity has nothing to do with altruism, but rather competition. If the Linux threat recedes, it's hard to believe that software prices won't rise again. A little competition can be a good thing.
|Released Last Week
A new version of GeeXboX, a Linux-based multimedia player, has been released: "Here
comes again the GeeXboX. This 0.98 edition is a key point in our
roadmap. Indeed, this latter does not really come with many new
features (but some new useful things whenever) but fixes a huge
number of annoying bugs. Most of all, this release will probably be the
last time you see GeeXboX looks like it. We've plan to work harder than
ever to bring you next time a new OS, like you've never seen, still
keeping it as simple to use as it ever been. So just stay tuned :-)" Read the full announcement on the distribution's home page, in French or in English. Download: geexbox-0.98-fr.iso (6.07MB) or geexbox-0.98-en.iso (5.96MB).
K12LTSP 4.1.0 has been released: "K12LTSP
4.1.0 is finally available for your downloading pleasure. This release
was a long time in coming, 144 days since the last release. K12LTSP
4.1.0 is the combination of Fedora Core 2 and LTSP 4.1.
The hard work of these two projects shows in this release, this is the
fastest, most refined release of K12LTSP to date. We owe the Fedora and
LTSP projects a big thank-you." Read the full announcement including the changelog. Download: K12LTSP-4.1.0-disc1.iso (623MB), K12LTSP-4.1.0-disc2.iso (649MB) ,K12LTSP-4.1.0-disc3.iso (649MB), and K12LTSP-4.1.0-disc4.iso (621MB).
tinysofa classic server 1.1
tinysofa classic server 1.1 (Rio) is now generally available. "Rio
overhauls the tinysofa classic server product line, adding Native POSIX
Threads Library support to the kernel and glibc, Exec-Shield support to
the kernel, replacing the SWUP updater with APT as the primary advanced
package management tool, designating vsftpd as the only FTP server
shipped, adding dovecot and tftp to the base package set, implementing
'thought process compatibility' with the tinysofa enterprise server
product line and much more." Download: Rio.i586.iso (356MB) and Rio.src.iso (324MB) via BitTorrent. Md5sums can be found on traditional FTP sites.
tinysofa enterprise server 2.0
tinysofa enterprise server 2.0 (Odin) is now generally available. "Odin
is a next generation operating system which showcases the latest in
open source technology in a fast, stable, securely configured and
easily manageable form. Odin features: The Linux 2.6.8 kernel, SELinux
support, APT as an advanced package management tool, a turn key ASP.NET
solution using components from the Mono project, the next generation
PHP 5 environment, high availability features such as DRBD, UCARP and
PostgreSQL replication, the latest development tools and languages" including automake 1.9, bash 3.0 and tcl 8.4.7! Download: Odin.i386.iso (691MB) and Odin.src.iso (703MB) via BitTorrent. Md5sums can be found on traditional FTP sites.
blackPanther OS 4.0
(formerly known as blackPanther-Linux) is a Hungarian Linux
distribution based on Mandrakelinux. Version 4.0 of blackPanther has
been released: "First CD there is ISO format, other 4CDs only in FTP, source and RPM format available." If you understand Hungarian you can read the full announcement here. Download: CD1-blackPanther4.0final.iso (527MB).
A new version of the Inside Security Rescue Toolkit INSERT has been released. From the changelog: "v1.2.14
(the one-year-anniversary release). Bugfix: libpcap0.8 was missing (for
tcpdump). The following packages/programs were updated: fwlogwatch,
clamav, avscan, smbmount, rkhunter; p0f - a passive OS fingerprinting
tool was added; the ability to create boot floppies (mkfloppy.bat and
mkfloppy.sh was removed (the files didn't fit on a floppy anymore, this
should be re-added ASAP); a bug with the 'toram' boot option was fixed.
Now all files are being copied to the RAM disk...." Download from here: INSERT-1.2.14_de.iso (49.0MB) or INSERT-1.2.14_en.iso (49.0MB).
Development and unannounced releases
DistroWatch database summary
- Number of Linux distributions in the database: 315
- Number of BSD distributions in the database: 7
- Number of discontinued distributions: 32
- Number of distributions on the waiting list: 84
|Tips, Tricks and Hints
Steganography provides a useful way to secure your bank account or credit card numbers, but it's not really a practical form of encryption if you've got a large quantity of data to conceal. If, for example, you're a politician and you've got hundreds (or thousands) of incriminating emails that you'd like to keep secret, trying to bury them one at a time inside of your family digital photo album would be a painstaking task to say the least (and it would be equally painstaking trying to retrieve the data, or search through it). Aside from that, some of the data you wish to hide may include naughty photos or videos, and steganography wouldn't be of much help since it's designed for hiding text.
The solution to this problem is to place all the scandalous files on an encrypted partition. A clever algorithm and a passphrase are used to encrypt the partition. This is a nearly bulletproof solution, but be forewarned that if you forget the passphrase, you can kiss the data goodbye unless you've backed it up to someplace else in an unencrypted format.
Linux provides two unrelated packages for making encrypted partitions, Cryptoloop and loop-AES (note that these are Linux-only - the BSDs have their own separate encryption schemes). However, it's been claimed that Cryptoloop has certain weaknesses, and it was recently discussed on Kerneltrap that Cryptoloop was being replaced with dm-crypt in the 2.6 kernel. For that reason and others, this article will focus on loop-AES.
Unfortunately, installing loop-AES is not as simple as grabbing an RPM or source tarball - it requires a kernel module and patched util-linux. More devout geeks may rise to the challenge, but it's a complicated mess and I'm not going to cover how to do it in this brief article. The good news is that more and more distros are including loop-AES by default - if your distro doesn't, give the developers some pressure to do so. In my opinion, it's a killer feature, and every desktop distro should have it.
The easiest way to find out if you've got loop-AES installed is to search for the loadable Linux kernel module "loop.o" on 2.4 kernels, or "loop.ko" on 2.6 kernels. An easy way to do this is with the "locate" command. If you're unfamiliar with "locate", note that it depends on a database that you create first create by running "updatedb" (you must be root to do so). You only need to run "updatedb" just once, though you may want to run it periodically (once a week) to rebuild the database as the files on your computer change. Most Linux systems will run "updatedb" as a weekly cron job, but that won't necessarily work if your computer isn't turned on just after midnight. Anyway, run "locate loop.o loop.ko" - here are the results that I obtained:
locate loop.o loop.ko
As you can see, I have the necessary modules, so I'm in business. I'm running Knoppix 3.4, and I've also found the drivers on recent versions of Xandros, Mepis and Libranet. I have Slackware on one on my hard disk partitions, and it does not have loop-AES enabled by default. I have not checked the other 310 distros that are in the DistroWatch database (this is not a feature we normally monitor, but maybe we should). I'd be very interested in hearing from others to learn whether or not loop-AES is enabled in their favorite distros.
At this point, it's worth pointing out that there are two ways to use loop-AES. One way is take an unused partition on our hard drive (perhaps /dev/hda3) and encrypt it. The other way is just to make an encrypted BIGFILE and place it on a partition that we are already using. With this in mind, let's get down to the actual details.
You need a spare partition if you want to encrypt it because all the data will be destroyed. If you aren't already intimately familiar with your partition table, there are a few tools which will let you peek at it. One is "sfdisk" - you must be root to run it, and it's a dangerous tool if you start monkeying around with all it's capabilities, so just stick to the "-l" option. Read the sfdisk man page if you want to know more, otherwise, as root do the following:
Disk /dev/hda: 4865 cylinders, 255 heads, 63 sectors/track
Device Boot Start End #cyls #blocks Id System
/dev/hda1 * 0+ 13562- 13563- 6835626 a6 OpenBSD
/dev/hda2 13562+ 42632- 29070 14651280 a5 FreeBSD
/dev/hda3 42632+ 43604 973- 489982+ 82 Linux swap
/dev/hda4 43605 77544 33940 17105760 5 Extended
/dev/hda5 43605+ 55223- 11619- 5855661 83 Linux
/dev/hda6 55223+ 61040- 5818- 2931831 83 Linux
/dev/hda7 61041+ 77544 16504- 8317984+ 83 Linux
As you can see from the above, /dev/hda1 and /dev/hda2 are occupied by OpenBSD and FreeBSD respectively, so let's forget those. I had originally hoped to use /dev/hda3, but I see that's it's occupied as my swap partition, so that's out too. My /dev/hda4 is an "extended partition" - never mess with that. The only possible candidates are /dev/hda5, /dev/hda6 and /dev/hda7. But wait, I might be using those too - better check with the "df -h" command:
Filesystem Size Used Avail Use% Mounted on
/dev/hda7 7.9G 3.1G 4.4G 42% /
/dev/root.old 17M 7.9M 8.3M 49% /initrd
/dev/hda6 2.8G 546M 2.1G 21% /home
Good thing I checked - /dev/hda7 is my root partition, and /dev/hda6 is /home. So the only spare partition I've got is /dev/hda5. Actually, I've got an old Linux distro installed there, but it's not important so I'm going to nuke it. We will use the losetup command, which is used to set up and control loop devices. So, without further ado:
losetup -e AES128 -T /dev/loop0 /dev/hda5
This command will link /dev/hda5 to the first virtual peripheral /dev/loop0. You will be asked to enter a password - 20 characters or more is recommended. Once you've done that, create an ext2 filesystem on /dev/loop0:
mkfs -t ext2 /dev/loop0
Now we must detach the partition from the specified loop device:
losetup -d /dev/loop0
Now, create a new directory which will be used to mount this partition:
The last step is to edit file /etc/fstab. Before you do this, make a backup copy (a wise move whenever you edit an important system configuration file:
cp /etc/fstab /etc/fstab.original
OK, go ahead and add this line to /etc/fstab:
/dev/hda5 /sleaze ext2 defaults,noauto,loop=/dev/loop0,encryption=AES128 0 0
Now you may mount /dev/hda5 to /sleaze whenever you like (you'll need to be root to do that, or else set up sudo). Anytime you attempt to mount it, you'll be asked for the password (not the root password, but that big long 20-character password which you'd better not forget). Whenever the partition is not mounted, the data will be inaccessible, and thus safe from prying eyes.
Finally, note that my encrypted partition could have been placed on a removable device such as a USB card or keyring (/dev/sda1) or even on a floppy (/dev/fd0), but not a CDR.
As already mentioned, loop-AES can be used to create an encrypted BIGFILE rather than an encrypted partition. The main advantage is that you won't need a spare partition on your hard drive. From what I've read, you should be able to back up the BIGFILE to a CDR, but I have not had much luck with this.
For the purpose of this experiment, I'll create a 100MB BIGFILE. Before I begin, let's see how much empty space I have available on my mounted partitions. This is best done with the "df -h" command:
/dev/hda7 7.9G 2.5G 5.0G 34% /
/dev/root.old 17M 7.9M 8.3M 49% /initrd
/dev/hda6 2.8G 546M 2.1G 21% /home
I've got more space in my "/" partition than anyplace else, so I could put my BIGFILE in /root, or create a new user in /home and put in there. Since it will require root privileges to access anyway, I'll put it in /root but there is no reason why I must. I need to perform the following steps to create my BIGFILE and set it up as a loop device:
dd if=/dev/zero of=/root/BIGFILE bs=4k count=2560
losetup -e AES128 -T /dev/loop1 /root/BIGFILE
mkfs -t ext2 /dev/loop1
losetup -d /dev/loop1
You can do all of the above without any explanation, but most of you would probably like to know what's going on. The math in the first line: "bs" means "block size" and "count" means "how many blocks". Always use a block size of 4k, but you can vary the count according to the size you want the encrypted file to be: "4k x 256 = 1024k" which is 1MB, but I want 10MB so I multiply 256 times 10 to get 2560.
Also note above that I used "/dev/loop1", not /dev/loop0 - the only reason for this is that I've already populated /dev/loop0 with the encrypted partition I created earlier. Yes, you can indeed have both an encrypted partition and an encrypted BIGFILE at the same time. In fact, you can have up to eight encrypted partitions and/or BIGFILEs (/dev/loop0 to /dev/loop7).
Finally, I add a line to /etc/fstab so that I can mount /root/BIGFILE onto its mount point /secret:
/root/BIGFILE /secret ext2 defaults,noauto,loop=/dev/loop1,encryption=AES128 0 0
It only remains for me to mount the encrypted BIGFILE:
Ideally, it would be nice if I could back up the encrypted data to a CDR (while still keeping it encrypted). Articles I've read indicate that BIGFILE could be burned to a CDR, but my own experiments with this failed. I'd be interested if others have been more successful. However, backing up to my removable USB hard drive worked just fine.
That's all for this week.
1 • Do I "Smell" Debian Bashing? (by NemesisBLK on 2004-08-16 01:47:28 GMT) |
"However, the number of users actually running "pure" Debian may be much smaller than the super-sized package collection indicates."
LOL. You joking right?
"Indeed, the current installer is so bad that..."
Bad? I disagree. The old installer might intimidate those that don't bother to RTFM, but I actually prefer the old installer. Never had a problem with it. It did the job well thats all I ask for and that installer was all I needed.
2 • XP Lite (by Andrew on 2004-08-16 03:02:04 GMT)
How can you reduce the amount of usability on an OS like XP when it already lacks basic applications like pdf viewer, a quality zipping application, a quality burner and word processor?
Will XP Lite just contain Spider Solitaire and Wordpad? Who would touch it?
3 • athens2004.com and loop-aes (by anon on 2004-08-16 05:08:49 GMT)
"the British Broadcasting Corporation will use Linux to improve the
speed and accuracy of rendering real time results. Leading the
charge are British techies who have installed a bank of Linux
computers at the International Broadcasting Centre (IBC) in Athens."
I don't know what has happened (I hope nothing related to Linux),
but athens2004.com has become a complete disaster as far as
real-time (or even delayed) results. Many of the events (even
ones that finished HOURS or DAYS ago) do not have any results
- the generated HTML table just shows a blank.
I don't see "loop-aes" in the kernel configuration (2.6.8). I can
find cryptoloop in "Device Drivers / Block Devices" right under
"Loopback device support" (which I have compiled into the
kernel - NOT as a module).
Gentoo does include "util-linux-2.12-cryptoapi-losetup.patch.bz2"
(if you the crypt flag set in make.conf).
4 • loop-AES (by Robert Storey at 2004-08-16 05:46:32 GMT)
In response to the following...
> I don't see "loop-aes" in the kernel configuration (2.6.8). I can
> find cryptoloop in "Device Drivers / Block Devices" right under
> "Loopback device support" (which I have compiled into the
> kernel - NOT as a module).
> Gentoo does include
>(if you the crypt flag set in make.conf).
I was trying to keep the article simple, as a basic introduction. But if there's really demand for rolling your own loop-AES, I'll give you the following information (note that this is from a magazine article, it's a bit dated and if it breaks you get to keep both parts):
BUILDING THE LOOP DEVICE
You must have a kernel with modules support enabled (CONFIG_MODULES=y), and loopback support must be disabled (CONFIG_BLK_DEV_LOOP=n). This might be the default in your kernel, and if so then you won't need a kernel recompile (otherwise, you will).
tar -jxvf loop-AES-v1.7d.tar.bz2
make clean; make
If you get errors with "modprobe loop" you probably don't have the kernel set up properly.
BUILDING THE TOOLS
Three tools are mandatory - mount, umount, and losetup. If you want to encrypt the swap partition, then swapon and swapoff are needed.
Download the util-linux archive from ftp://ftp.kernel.org/pub/linux/utils/util-linux. There are many versions, so use the one mentioned in the Loop-AES directory. A patch called util-linux-XXX.diff should be present in the Loop-AES direcotry, which means you should download the XXX version of util-linux. For example, loop-AES-1.7d requires util-linux-2.11z.
Type the following lines from loop-AES directory to rebuild mount, umount/losetup, swapon and swapoff:
bzip2 -d -c util-linux-2.11z.tar.bz2 | tar xvf
patch -p1 <../util-linux-2.11z.diff
make SUBDIRES="lib mount"
install -m 4755 -o root mount umount /bin
install -m 755 losetup swapon /sbin
rm -f /sbin/swapoff && ( cd /sbin && ln -s swapon swapoff )
install -m 644 mount.8 umount.8 losetup.8 /usr/share/man/man8
install -m 644 swapon.8 swapoff.8 /usr/share/man/man8
rm -f /usr/share/man/man5/fstab.5.gz
instaall -m 644 fstab.5 /usr/share/man/man5
Now you have the complete suite of loop-AES tools, you can try a "make tests" to check whether everything went smoothly.
5 • erpos3 by credative (by distrowatch reader at 2004-08-16 05:49:29 GMT)
I am currently trying erpos3. Locale changes the language to english or whatever language is needed. The entire file system root,boot,home usr,tmp, var is steganographic and currently lives under an old Mandrake 9.2 working install. Cfdisk, fdisk mandrakes installer redhat installer bsd installer all that I can think of shows no trace of the debian erpos3 install. This message is being typed on a non visible browser
6 • loop-aes (by anon on 2004-08-16 06:19:23 GMT)
Well, I can certainly follow those instructions
to install it. :)
I read the dm-crypt page, and it just looks a
little cleaner, so I think I will go with that option.
Thanks for the steganographic articles. I have
always found the topic interesting, and have a
collection of programs going back to my DOS
days. I recall one that his text within text (it
changed empty lines between paragraphs to
a series of spaces and tabs, and I think it put
extra spaces between words sometimes). Very
7 • Word(tm) (by Eavy at 2004-08-16 09:48:21 GMT)
'What a world we live in. Before you know it, somebody will start trademarking common everyday English words like "windows" and "outlook". '
Or a word like "Word". ;-)
8 • XP-Lite (by Peter on 2004-08-16 12:13:25 GMT)
I would love to try XP-Lite.... this XP-Lite:
9 • Linux on Macs (by Jim at 2004-08-16 14:47:45 GMT)
I own a current generation PowerBook, it is my first mac and I love it. I had GentooPPC installed on it for a couple of weeks, and I currently run Gentoo on my x86 desktop as well, so I have seen both worlds.
I had to remove gentoo from my PowerBook though because it just didn't stand up to the quality of OS X. The wireless card built into my mac didn't work, I couldn't get a decent resolution out of the video card, and things like brightness/sound controls were far less responsive.
I have found that I have a much better experience running OS X and fink, that way I can run pretty much every program I could ever want, and everything works exactly as it should. Which is the best reason to get a Mac, everything always works. My recomendation for anyone looking for a laptop is get a mac, run fink if you need it, (or the new Gentoo OS X which I haven't tried yet) and you won't regret it.
10 • Linux on PPC (by Jack Malmostoso at 2004-08-16 17:17:00 GMT)
It's now 6 months I own a 12" iBook, and have installed linux right away taking it out of the box.
In the beginning there was YDL (http://malmostoso.altervista.org/ibook), but now I run Debian, and I am so happy with it.
I don't like OSX (yeah, right, I don't like it), I prefer the good old linux feel I have at home, on my x86 machine.
Don't get me wrong, OSX is great as a windows replacement, but I just think linux is better.
Today I run linux at 100% of the possibilities of my machine: when I bought it, configuring X was a challenge.
Linux is great, the community rocks.
Going back to the comparison, the only thing I miss from x86 is GRUB: the yaboot bootloader is lilo-style, and I never liked it, but it gets the job done.
I hope GRUB2 will really be portable as stated.
Oh yeah, the flash plugin. Who cares.
Debian on PPC rocks!
11 • Linux on PowerPC (by Tony K. at 2004-08-17 02:38:49 GMT)
I have been using Linux (Yellowdog) for the past couple of years on my G3 12" iBook. It is well done, but lags a little in time from it's derivative, RedHat/Fedora. YDL 3.0.1 is comparable to RH 9.0. The only limitations I have on my iBook are no external monitor support and no modem support, although I believe the later has been improved. I have been running various RedHat/Fedora distros simultaneously on my Athlon desktop for several years. With the recent release of Debian's new installer RC1 I have tried them on both my Desktop and my iBook with satisfying results, although there still appears to be bugs in the installer. So far I like Debian. I may be another convert!
Mounting HFS+ partitions has only recently been supported, (since YDL 3.0.1?) Updating OSX can sometimes wipe over your boot partition, but it is easy to start up in open-firmware and then boot into your Linux partition. YDL has noticeably faster response than OSX on the iBook.
I have deliberated over getting an i386 laptop many times, but I like having MacOSX as an alternative to Windows. And I like the small form factor of my iBook.
It has been a little more difficult finding ready made RPM binaries for PPC, but you can usually get what you need or it results in compiling from source which I have good and bad success with. However with Debian installed on PPC, I have yet to find a package that I can't get and so far no dependency hell!
12 • bbc linux-driven site (by Pierce Lopez on 2004-08-17 04:17:15 GMT)
About the bbc linux-driven athens site showing up blanks for you, if you don't live in britian your supposed to be locked out of it, because of the rights purchased by some media network in the us, to have exclusive us rights to the coverage of the olympic games.
13 • XP-Lite (by Mick at 2004-08-17 08:07:53 GMT)
Now, if someone could just encourage Bill to remove all of the bloat from WinXP, he might be able to justify calling it 'Lite'. Or better yet, take out everything that doesn't work, has a hole in it, or is older than, say, dirt, and what remained - if it booted - might fly... Heck, I might even try it myself!
14 • No subject (by Anonymous on 2004-08-18 15:47:02 GMT)
You forgot the spyware!
(my source on that is stallman's latest speech)
Number of Comments: 14
|• Issue 603 (2015-03-30): Tails 1.3, LibreOffice Online, Linux Firewalls book review, Kubuntu with Plasma 5|
|• Issue 602 (2015-03-23): Bodhi Linux 3.0.0, distro popularity, OpenBSD's new web server, GNU Manifesto turns 30|
|• Issue 601 (2015-03-16): Ubuntu MATE 14.10, modern distros for old hardware, AppArmor in Debian, Fedora 22 Alpha|
|• Issue 600 (2015-03-09): Korora 21, distro diversity, Ubuntu gets systemd, PC-BSD security features|
|• Issue 599 (2015-03-02): Sabayon 15.02, creating good passwords, new YaST modules, LMDE preview
|• Issue 598 (2015-02-23): Netrunner 14.1, Vivaldi web browser, Debian election, Cinnamon improvements|
|• Issue 597 (2015-02-16): MakuluLinux MCDE 2.0, Ubuntu phones launch, m0n0wall ceases development, live Linux updates|
|• Issue 596 (2015-02-09): ArchBSD 2014.09.04, encrypted e-mail, Fedora upgrade stats, FreeBSD's support policy|
|• Issue 595 (2015-02-02): ExTiX 15.1, Destroying encrypted data, openSUSE election, OSDisc statistics|
|• Issue 594 (2015-01-26): KaOS 2014.12, Commercial distros, Snappy Ubuntu, PackageKit fixes|
|• Issue 593 (2015-01-19): ReactOS 0.3.17, Unity on Mir, Bluetooth support, openSUSE election|
|• Issue 592 (2015-01-12): Mint 17.1, load averages, binary logs, GNOME Software|
|• Issue 591 (2015-01-05): Manjaro 0.8.11, systemd, Devuan, Torrent Corner|
|• Issue 590 (2014-12-22): Fedora 21, Ubuntu phone, expanding ZFS storage, Able2Extract|
|• Issue 589 (2014-12-15): Parsix 7.0, Ubuntu "Snappy", PC-BSD upgrades, How Linux Works|
|• Issue 588 (2014-12-08): PC-BSD 10.2, rolling-release Ubuntu GNOME, Bitrig, systemd|
|• Issue 587 (2014-12-01): Trisquel 7.0, Kubuntu 14.10 "Plasma5", FreeBSD on 64-bit ARM, Jolla and UbuTab|
|• Issue 586 (2014-11-24): Scientific Linux 7.0, Debian and systemd, Ubuntu MATE, application-level firewalls|
|• Issue 585 (2014-11-17): openSUSE 13.2, PC-BSD's "roles", MATE + Compiz on Mint, cleaning package cache|
|• Issue 584 (2014-11-10): OpenMandriva 2014.1, Debian freeze, trickle, systemd and boot times|
|• Issue 583 (2014-11-03): Ubuntu 14.10, ownCloud, Kylin interview, The Book of PF, Elive's commercial ways|
|• Issue 582 (2014-10-27): GhostBSD 4.0, Tumbleweed and Factory merge, systemd and fork of Debian|
|• Issue 581 (2014-10-20): SparkyLinux 3.5, Fedora's graphics stack, Debian and systemd, OpenBSD 5.6|
|• Issue 580 (2014-10-13): Rolling releases, Arch as best distro, GNOME on Wayland, MINIX 3.3.0|
|• Issue 579 (2014-10-06): PC-BSD 10.0.3, Debian's Jessie freeze, setting up home server|
|• Issue 578 (2014-09-29): Calculate 14, Debian's default desktop, Shellshock vulnerability, practical Tiny Core|
|• Issue 577 (2014-09-22): SymphonyOS 14.1, FreeBSD drops pkg_add, MINIX on ARM, GNU screen|
|• Issue 576 (2014-09-15): PCLinuxOS 2014.08, Mint's documentation, Debian's hardware database, CDE|
|• Issue 575 (2014-09-08): Porteus 3.0.1, Fedora's blivet-gui, Red Hat's Docker, systemd|
|• Issue 574 (2014-09-01): Ubuntu Kylin 14.04, Haiku and Linux kernel, Wayland support, Lumina, Bash completion|
|• Issue 573 (2014-08-25): SolydXK 201407, VPN gateway with FreeBSD, Ubuntu MATE, Raspbian, trusting binary packages|
|• Issue 572 (2014-08-18): ZFSguru 10.1, Fedora's Flock, beta installer for "Jessie", Ubuntu Core, rolling releases|
|• Issue 571 (2014-08-11): HandyLinux 1.6, LMDE update, default desktop in "Jessie", running out of disk space|
|• Issue 570 (2014-08-04): Neptune 4, Kubuntu's KDE Plasma 5, FreeBSD and UEFI, Linux servers|
|• Issue 569 (2014-07-28): Deepin 2014, Ask Fedora, Gentoo and LibreSSL, encrypted package downloads|
|• Issue 568 (2014-07-21): Antergos 2014.06.24, Mint based on Debian stable, upgrading CentOS, BinaryTides|
|• Issue 567 (2014-07-14): Manjaro 0.8.10, PC-BSD jails, Debian and glibc, Fedora's DNF, Xiki and Opera 24|
|• Issue 566 (2014-07-07): LXLE 14.04, OpenBSD's SimpleDE, openSUSE artwork, home security basics|
|• Issue 565 (2014-06-30): Chakra 2014.05, Fedora on BeagleBone, Matthew Miller interview, e-book readers|
|• Issue 564 (2014-06-23): Antergos 2014.05.26 and Q4OS 0.5.11, Debian LTS and glibc, Fedora DNF|
|• Issue 563 (2014-06-16): Mint 17, CentOS 7 pre-release, Debian MATE, accessing encrypted content|
|• Issue 562 (2014-06-09): GoboLinux 015, Gentoo interview, Fedora leader change, climagic tricks|
|• Issue 561 (2014-06-02): OpenMandriva 2014.0, Debian GNU/Hurd, Lubuntu and LXQt, Final Term, TrueCrypt|
|• Issue 560 (2014-05-26): KaOS 2014.04, Wayland and KDE 5 on Fedora, distros with commercial support, DenyHosts|
|• Issue 559 (2014-05-19): VortexBox 2.3, LTS-only Linux Mint, FreeBSD 11 ambitions, KDE 5 beta|
|• Issue 558 (2014-05-12): RHEL 7 Workstation impressions, LXQt and Lumina, Haiku interview|
|• Issue 557 (2014-05-05): Xubuntu 14.04, Ubuntu 14.10 roadmap, Fedora Workstation, ownCloud|
|• Issue 556 (2014-04-28): Ubuntu 14.04, LibreSSL, Lumina desktop, Deepin interview|
|• Issue 555 (2014-04-21): Robolinux 7.4.2, Ubuntu release day stats, Debian security, Porteus update|
|• Issue 554 (2014-04-14): Review of FreeNAS, OpenSSL bug, Fedora.next, Robolinux Stealth VM, measuring memory|
|• Issue 553 (2014-04-07): Puppy 5.7 "Slacko", end of Ubuntu One, file encryption with GPG|
|• Issue 552 (2014-03-31): Tanglu 1.0, Ubuntu GNOME LTS, SliTaz for ARM|
|• Issue 551 (2014-03-24): Linux Mint "Debian" 201403, call for end to proprietary firmware, LVM|
|• Issue 550 (2014-03-17): Review of NixOS 13.10, Lubuntu seeking feedback, Android-x86 4.4-rc1 impressions|
|• Issue 549 (2014-03-10): ClearOS 6.5 and UCS 3.2, Gentoo interview, Ubuntu app contest, Into the Core|
|• Full list of all issues|