Tech Freedom

Big Show 1

 

FOSS News 1 – Big Show

Distro News

Manjaro Talos Released

Ubuntu Double Header

Alma vs Rocky: Which is the Best CentOS Alternative?

FOSS News

How to Set Up Your Own VPN with WireGuard

LibreOffice 7.5.3 Released

11 Ways to Be More Private

FOSS Fun

Discord Makes It Easier to Find People

Heroic Launcher Gets Hotfixed

Proton 8.0-2

#FOSSNews #Linuxnews #Linux #Distros #Howtos #FOSSFun #TechFreedom #Manjaro #Ubuntunews #almalinux #rockylinux #wireguard #Lireoffice #privacy #valve #steam #Proton #heroiclauncher

FOSS News, Linux, How-tos, Gaming, Tech Freedom, all sorts of good stuff


 

Distro News

DN 1– Manjaro 22.1 “Talos”

On April 21, the Manjaro team released their latest round up system updates, codenamed “Talos”. As is typical with this very tested, Arch-based distro, they lag behind the bleeding edge by a few months. I still use Manjaro on my streaming PC and my wife’s laptop, though I have migrated my surface and our other machine away from that, as it seemed to break things or cause unnecessary slow-downs for those machines. Manjaro is very much a solid distro, and is a good starting point if you want to try the Arch side of the Linux family tree, as it is safe, yet still essentially a rolling release. So, what’s new in this ISO?

  • GNOME 43.5
    • redesigned system status menu
    • in-house Layouts Switcher application
    • Gradience
    • Custom dynamic wallpapers
    • Manjaro green theming is back
  • KDE
    • 5.27.4
    • Gear 22.12
    • Wayland support as cornerstone (Manjaro team is very excited by this)
      • I’ve spilled much digital ink talking about the latest in KDE as these updates are released, typically on a monthly cadence, and the latest is actually Gear 23.04 and Framework 5.105, not 22.12. This is the nature of Manjaro, though. They make sure that the packages they roll out to users (generally) are rock solid and stable, so unless you feel the need to live dangerously, this is a solid option for you.
  • Xfce
    • Finally on 4.18
    • New file highlighting feature in Thunar
    • Recursive search in Thunar
    • Panel preferences changes
    • Panel length in pixels vs %
    • Panel can now stay on top of windows, so the bottom of a window goes below the panel, rather than covering or sitting flush against it
    • Control Center is now the one-stop shop for all desktop module settings
  • New Kernel 61 LTS ships by default, but options for 5.15 and 5.10 LTS as well.

https://forum.manjaro.org/t/manjaro-22-1-talos-released/139155 

DN 2 – Ubuntu Double Header

2.1 – Update PSA

Make sure that you update to the latest kernel patches from Canonical if you are running Ubuntu, as there were a pair of critical vulnerability exploits which got patched recently: CVE-2023-1829 and CVE-2023-0386, both of which could allow a local attacker to escalate their privileges to root level without a password. The first one was a flaw in the traffic-control index (TC-Index), which required the devs to shut that down in order to fix it. The second was an issue with the OverlayFS file system, which controls the copying process from one UID to another.

These patches affect 22.10, 22.04 LTS and 20.04 LTS users,  so run the update via terminal as you usually would: sudo apt update && sudo apt full-upgrade should grab and install these for you with no problems.

https://9to5linux.com/canonical-issues-new-ubuntu-kernel-updates-to-fix-two-local-privilege-escalation-flaws 

2.2 – Bionic Beaver (Ubuntu 18.04 LTS) is End-of-Life

Just a heads up, here. LTS versions of Linux are supported for 5 years, and we are at the end of that time frame now. If you have any systems running 18.04 still, I suggest upgrading, if it is at all practicable to do so for you. Or you can move to Ubuntu PRO, which will offer extended support through expanded security maintenance (ESM) updates until 2028. Just thought you should know, just in case we have some stragglers or people out there who really have a mission-critical need for 18.04.

https://news.itsfoss.com/ubuntu-18-04-eol/ 


 

Freedom Consultation

  • Free call.
  • 60-90 minutes.
  • Q&A
  • Leave with Actionable Steps to take, whether you work with me or not.

Schedule today.

https://techfreedom.pro/freedom-consultation

#distromonday #freedom #consultation #Linux #degoogleyourlife #TechFreedom


 

DN 3 – Alma VS Rocky: Which is the better CentOS Replacement?

This article lays out several points of comparison, ranging from ease of installation, to extensiveness of documentation, to performance, and ease of use. They both inherited the CentOS installer, so if you liked that, you’ll love the Rocky and Alma Linux installers. I’ve not worked with any of them, personally, but it looks straightforward enough, as it should. Both Alma and Rocky Linux are aimed squarely at enterprise use cases, just as CentOS was. This means that they are geared to be ultra-stable and secure. It is also very easy to migrate from a CentOS install to either Rocky or Alma Linux. All you need is their script to run, and it will switch you right over. One benefit that Alma has is that they have also included upgrading in their migration script. So not only will it laterally migrate you from CentOS to Alma, but it will update & upgrade you to the latest version of Alma Linux all in one go. Rocky Linux also has migration tool, but as I just said, it doesn’t have the ability to upgrade you to the latest version in one fell swoop, but that is ok. Alma Linux is slightly faster in the benchmarks, but the difference is pretty negligible. As for ease of use, they are pretty close to identical, and both ship with GNOME templates for workstations. Rocky Linux  has far better documentation, so maintaining and repairing it is easier than Alma, which has a much more sparse, but that can be made up for by the great community support that exists, on the very active subreddit and mattermost channels. Rocky also has community support on their subreddit and mattermost channel, however, they are not as quick to answer questions as the Alma Linux community is. So these distros are pretty darn close, in my book. I’m not looking for an enterprise distro, but if you are, either of these are great options, from what I can tell.

https://www.maketecheasier.com/almalinux-vs-rocky-linux/ 


 

FOSS News

FN 1 – Your Own VPN? Just Like That…

As long as you have a VPS set up somewhere, you can easily set up docker and install Wireguard on it and have your very own, truly private, virtual private network. So right now, we will talk through the process, if you don’t mind. I unfortunately do not have a spare VPS anywhere, so I can’t SHOW you how this works.

First, make sure you have Docker and Docker Compose installed on your server. Most distros are pretty simple in terms of how to get that done, and I trust that you can look that up for yourself, if you don’t know how to get it done right now. So the first step is to check if Docker is installed:

Docker —version

If it returns a version, you are good to go, move on to installing Compose, which will allow you to install and run multi-container apps (which is what this will require).

If not, simply install Docker by following the appropriate install directions for your distro, then do the same for Docker Compose.

Here are the directions for Docker Compose:

  • sudo curl -L “https://github.com/docker/compose/releases/latest/download/docker-compose-linux-$(uname -m)” -o /usr/local/bin/docker-compose
    • sudo chmod +x /usr/local/bin/docker-compose
  • After that, you’ll need to install the appropriate containers for Wireguard Server and WireguardUI:.
  • First you’ll need to create and navigate into a directory called wireguard
    • mkdir wireguard
    • cd wireguard
      • Once there, You’ll need to use your favorite text editor (VIM, Nano, Gedit, ect) to create and edit a file called docker-compose.yaml
        • vim docker-compose.yaml
          • Once the file is open, simply copy the following lines of code into the file:
            • version: “3”
            • services:
              •   # WireGuard VPN service
              •   wireguard:
                •     image: linuxserver/wireguard:latest
                •     container_name: wireguard
                  •     cap_add:
                    •       – NET_ADMIN
                  •     volumes:
                    •       – ./config:/config
                  •     ports:
                    •       # Port for WireGuard-UI
                      •       – “5000:5000”
                    •       # Port of the WireGuard VPN server
                      •       – “51820:51820/udp”
                  •   # WireGuard-UI service
                    •   wireguard-ui:
                      •  image: ngoduykhanh/wireguard-ui:latest
                      •  container_name: wireguard-ui
                      •     depends_on:
                        • – wireguard
                      • cap_add:
                        • – NET_ADMIN
                    • # Use the network of the ‘wireguard’ service
                    • # This enables to show active clients in the status page

    network_mode: service:wireguard

    environment:

      – SENDGRID_API_KEY

      – EMAIL_FROM_ADDRESS

      – EMAIL_FROM_NAME

      – SESSION_SECRET

      – WGUI_USERNAME=admin

      – WGUI_PASSWORD=password

      – WG_CONF_TEMPLATE

      – WGUI_MANAGE_START=true

      – WGUI_MANAGE_RESTART=true

    logging:

      driver: json-file

      options:

        max-size: 50m

    volumes:

      – ./db:/app/db

      – ./config:/etc/wireguard

All you should need to do is change the WGUI_username and WGUI_password fields to your desired values, save and exit from the text editor, then you will actually download the container images and set them up thusly, from the above directory:

docker-compose up -d

It should take about a minute for them to download and be set up this first time, but after that, it should only take seconds to start the respective containers, as they won’t need to download every time you start them. After they have started up, you can open your browser of choice, then navigate to the IP address of your server, like so:

https://my.server.address.here

Enter your username and password (which you changed before you downloaded the images), if you are indeed following these directions. Then click “sign in”.

If you are very concerned with security, which, lets face it, if you are making your own VPN, you probably are, then you should look into installing a reverse proxy such as either Caddy or Traefik,to secure your access to WireguardUI.

Next, you’ll need to configure your new Wireguard VPN server. Simply copy the following batches of code into the Post Up and Post Down script fields, respectively:

Post Up:

iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Post Down:

iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

After this, hit the Save button in the bottom left (below the fields you just populated) Apply Config button in the upper right corner, then confirm by clicking Apply in the dialog box that pops up. After this, you will click over into the Global Settings tab on the left hand side of the window.

Check to make sure that the auto-populated public IP address is accurate, if it is, great, if not, you will have to find and enter the IP address of your server, and you can set DNS servers for your VPN, so say you want to add AdGuard, a PIHole, or perhaps content filtering to protect you and your family from garbage online (such as porn, gambling, drugs, or other sketchy things). On that subject, you could also set up your own DNS filtering through ControlD (https://controld.com), or add AdGuard and perhaps CleanBrowsing DNS addresses before you Save and Apply Changes.

Finally, in order to connect to your new VPN, you’ll need to set up a new client or two, so click the New Client button, and enter a user name and email, but leave the rest blank/ as they populate it. Then hit the Submit and Apply Config buttons, and your first client should be automatically set up and ready to use.

Next, we need to figure out how to connect to this VPN client, right?

Right, we do.

Here’s how to get it done on your Linux PC:

Click the Wireguard Clients tab on the left hand side of the WireguardUI window. You should see the client(s) you just set up.

Click the Download button on the client in question, then rename it something recognizable so that it is easier to do the next step:

Open your terminal

Copy this command:

nmcli connection import type wireguard file <yourfilename>.conf

Then open up your Settings app, navigate to the Network Connections section or tab, and you should see the WireGuard VPN connection available to you and then click it and click connect. After this, it should show up as connected, so if you ping your VPN server’ s private IP address, it should return a positive result, and lo & behold, you are connected to your brand new VPN. You can also confirm by going back to your WireguardUI window and looking at the Status tab.

But what about phones? Have no fear, I’ve got you covered:

Download the official WireGuard VPN Client app from your app store of choice, then open it and tap Add a Tunnel, then Create from QR Code. To get the QR code you need, go back to the WireGuard Clients tab again, and pick your client, and click the QR Code button, then capture the QR code with the app on your phone, and all should be set up for you. Once that is done, simply enable the profile, and you are protected.

https://linuxiac.com/how-to-set-up-wireguard-vpn-with-docker/ 


 

FN 2 – LibreOffice 7.5.3 Released

This one will be much shorter than the last story, as I won’t be talking you through installing and configuring anything, just reporting on a maintenance release for a popular FOSS office suite. I have often covered these releases on Tech Tips Tuesdays in the past, but they are a thing of the past now. Here we are… LibreOffice 7.5.3. This release squashes 119 bugs found in the previous release, and if you are a LibreOffice 7.5 user, you should certainly update to this as soon as you can, so that you can stop encountering those bugs. The 7.5 series will be actively developed until 7.6 comes out sometime this November. That is all. I used to use LibreOffice for everything, but recently began switching to OnlyOffice, which tends to be more stable and is easier to link up to NextCloud, as well. These days, I only use LibreOffice personally to read off my show notes on my streaming PC. That is not to say that it is crap, but the simplicity and closer compatibility of OnlyOffice feels like a better fit for me now.

https://9to5linux.com/libreoffice-7-5-3-is-now-available-for-download-with-119-bug-fixes 

Want to learn more about how to degoogle your phone and why?

https://techfreedom.pro/degoogled/ 

#TechFreedom #degoogled #degoogleyourlife #defintionsday #Truth
 

FN 3 – A Privacy Listicle from It’s FOSS

This is has 11 ideas, so we’ll more or less copy what he says, then comment on them a bit.

1. Secure & Hide Your Email

You can use email aliases to keep your actual email address private. We have a list of tools to help protect your email address. Choose any options like SimpleLogin or use the email alias addresses your email provider allows creating.

https://simplelogin.io 

Also, try using secure email services like Tutanota or ProtonMail for the best experience.

I hadn’t really thought about this… I should start doing this on my own, for sure. I have a few protonMail addresses, but don’t use them because I had already set up with Zoho for email and collaboration for my domains. Until Proton has an ecosystem as diverse as Zoho’s, I can’t see myself moving away from Zoho. True, as far as privacy and security, Zoho is not in the same realm as either Proton or Tutanota. The major leg up that they have, in my opinion is that they are geared to be a drop in replacement for Google Spaces and Office365 online (including Outlook, to a certain extent), but will not scrape your data for relevant Ad data or other, more nefarious things. The other two are end to end encrypted to the point where if you lose your password and do not have a recovery method set up, you will lose all of your emails.

https://zoho.com

https://proton.me 

https://tutanota.com 

2. Secure Your Internet

Use a secure or encrypted DNS like NextDNS or ControlD

Use a VPN to encrypt your internet connection

ProtonVPN and Mullvad VPN would be two excellent options, offering open-source clients and Linux support.

Funny, I just mentioned ControlD earlier, didn’t I? The encrypted DNS is key, 100% of the time, the VPN you can get by without unless you are out on public WiFi.

https://nextdns.io 

https://controld.com

https://proton.me

https://mullvad.net 

3. Secure Your Search Activity

I harp on this weekly. The top options here are probably Swisscows, Mojeek, Metager and SearX. A distant placing would be Brave Search. The reason I say that Brave Search has fallen from favor is that with the enfolding of AI, their index has shifted to the Left, where it used to be fairly balanced, if not conservative-leaning. All of them are far better than Yahoo, Bing, or Google Search, in terms of keeping your information under your control, though, so take your pick, try a few and see which one scratches your itch best. SearX is unique in that you can and should host your own instance, in a way, that is the ultimate in privacy, as you control the engine for your instance.

https://swisscows.com

https://mojeek.com

https://metager.org

https://github.com/searx/searx 

https://search.brave.com 

4. Use a Privacy-Focused Browser

Some popular options are Brave, LibreWolf, and Vivaldi. Only one of these is actually FOSS, in fact, the Vivaldi team will not even allow the browser to be packaged as a flatpak. Brave is not FOSS, either, but with a few tweaks, it certainly passes the privacy sniff test. LibreWolf is 100% FOSS, as it is a fork of FireFox, but geared to be about as private as possible without going Tor. For instance, it defaults to deleting all history and cookies every time you close the browser, so be aware of that.

https://brave.com 

https://librewolf.net 

https://vivaldi.net 

5. Do Not Install a Program You Don’t Know

Be careful with the stuff you download and run on your computer, whether you’re a Linux, Windoesn’t, or MacOS user. Research apps before  you randomly install things, they could just be malware. Ankush is right that there are a few tells that any piece of software is probably ok:

  1. Make sure that it is reasonably popular

  2. Not brand spanking new

  3. Is FOSS and has a stable release or 2

  4. Read the privacy policy to make sure any app is not just a black hole for your private data.

  5. Never just simply download unverified files from an email.

  6. Only grab software from official channels, unless the developers suggest getting it somewhere else.

6. Utilize All Privacy Tweaks and Options

Take a look at the privacy options for every single app and system-wide on your phone or computer. It will probably yield dividends for your privacy, as often it is possible to make things more private than they are by default, but you have to look for the settings in order to change them.

7. Use Secure Password Managers

Use something like KeepassXC or BitWarden, or even the Nextcloud password manager (tied to your own instance, ideally) to keep your passwords and credentials safe from prying eyes, and thereby keep your data safer. Don’t use browser based options, they can be more readily hacked.

https://keepassxc.org 

https://bitwarden.com 

8. Keep Your Notes Secure

If you take notes on your devices, these may be some of the best options for privacy.

Standard Notes and CryptPad are great and offer end to end encryption by default. There are of course others which are just as good. Just go hunting a bit.

https://standardnotes.com

https://crytpad.org 

9. Store or Backup on a Private Cloud Platform

You should always have multiple secure backup solutions in place, to make sure that your data is safe from disasters (whether natural or electronic), as well as from intruders. Most of us don’t have the time or know-how to set up and manage our own home storage servers for backup, so the next best solution is a secure cloud, such as Mega or pCloud, or a FOSS alternative like LibertyStratus, which is essentially a fork of NextCloud, which is the best self-hosted option out there for this. With NextCloud, you could create an instance on your own hardware, or set up a VPS with a hosting company and create other users and share files and communicate in your own little cloud whenever you’d like.

https://mega.nz

https://pcloud.com

https://libertystratus.org 

https://nextcloud.org 

Https://althatech.com (great little hosting company that I write blogs for)

10. Use Private Messengers

You can always utilize open-source and encrypted messengers like Signal (cross-platform) to secure your communications.

If you want a bit more privacy than that, you could spin up your own matrix server and connect to it with element or fluffy chat, or any of these other options (https://matrix.org/clients). 

11. Specialized Distributions

If you are adventurous and want to try an entirely different operating system tailored to give you a private experience, you can pick Tails OS, Whonix, or Qubes. These are the best for privacy, and each one has different approaches to the problem. Tails is designed to not have persistent storage, so if you unplug your flash drive from a computer, your data is gone. Whonix is designed to be run in a VM, where Tails is meant to be purely a live environment option. Qubes, on the other hand, can be installed normally, but is entirely containerized in such a way that once you close an application, all its data is irrevocably lost.

https://whonix.org 

https://tails.boum.org 

https://qubes-os.org

https://itsfoss.com/improve-privacy/ 

FF 1 –  Discord to Finally Make Usernames Make Sense

Are you a Discord user? Have you noticed that the usernames have always been a bit too random to easily search for friends? I’m not on discord, though I may hop on at some point kinda soon to actually participate in ministry there. We’ll see how that goes. I may invite him on to talk about his project, which is largely based on open source tech, if I’m not mistaken. He is a brilliant guy, actually leaves me feeling wanting when I talk to him because he knows so much. But I digress. I don’t know much about Discord, other than it is a voice chat tool which is often used by gamers, similar to Mumble and TeamTalk. I guess I’m just not that much of a gamer… Certainly not in this season of my life. Part of me misses it, but I like to be busy, and my plate is pretty full these days, so I’m good.

https://www.gamingonlinux.com/2023/05/discord-username-system-changing-to-make-it-easier-to-find-people/
 


 

FF 2 – Heroic Games Launcher Gets a new Hotfix

What needed a fix this time around? Well, it looks like users were having trouble getting past the captcha when trying to sign into Epic. Let’s see what else they worked on, shall we?

  • They’ve also added some keyboard shortcuts now too:

  • Command Or Control+R: Reloads the app.

  • Command Or Control+Q: Quits the app.

  • Command Or Control+Shift+I: Opens the dev tools.

  • Command Or Control+K: Opens the Heroic settings screen on the frontend.

  • Command Or Control+L: Opens the library screen.

  • Command Or Control+J: Opens the downloads screen.

Full changelog:

  • [Tech] Refactor Game Managers by @BrettCleary in #2578

  • [FIX]: Fix winemenubuilder not being disabled by @Etaash-mathamsetty in #2630

  • [FIX]: Fix playing status (again) by @Etaash-mathamsetty in #2626

  • [Enhancement]: When selecting item from search bar, it will take you directly to item’s game page by @JordanPlayz158 in #2614

  • Fix missing game settings info in logs by @arielj in #2638

  • [Enhancement]: Provide Wine-ge/Proton-ge latest version via wine manager by @Nocccer in #2513

  • [Enhancement] Add logic to Stores feature by @redromnon in #2622

  • [Fix] Searchbar and autoComplete UI by @redromnon in #2621

  • [Fix] Ignore Logitech’s G29 by @arielj in #2570

  • [Fix]: Blank screen on startup by @Nocccer in #2612

  • [FIX] Image search on Add Game Screen blocking finish button by @flavioislima in #2657

  • [Fix] Captcha not working on epic games page by @flavioislima in #2658

  • [GOG] Fix url for horizontal images for GOG downloads by @arielj in #2661

  • [FIX] Proper kill wine processes when hitting Stop Button by @Etaash-mathamsetty in #2666

  • Allow ‘null’ as lifespan so cachestore does not expire by @arielj in #2664

  • [Fix] Steam Shortcuts with missing runner by @flavioislima in #2660

  • [UX] Add Keyboard global shortcuts by @flavioislima in #2659

  • [i18n] Updated Translations by @weblate in #2636

https://www.gamingonlinux.com/2023/05/heroic-games-launcher-271-hotfix-1-fixes-up-epic-games-login/ 

Freed Computer

https://techfreedom.pro/freed-computer/ 

https://techfreedom.pro/free-your-pc

#freedcomputer #linux #nospying #safe #TechFreedom #Truth


 

FF 3 – Proton 8.0-2 Released

Here’s another small update, which pulled in some of Proton experimental’s work to, for one thing, make the EA app work again, since they keep messing with everybody over there at EA. Aside from that, here is a shortlist of things that got pulled in from experimental:

  • Fixed Baldur’s Gate 3 getting stuck on a black screen in Vulkan mode.

  • Fixed Divinity: Original Sin: Enhanced Edition and Divinity Original Sin II: Definitive Edition crashing on launch.

  • Fixed Path of Exile crashing.

  • Fixed memory leak in Trackmania and Ubisoft Connect overlay.

  • Improved Elden Ring compatibility compared to Proton 8.0-1. It can still be finicky.

  • Fixed Red Dead Redemption 2 and other games not starting after switching from Proton Experimental to stable.

Hmmm… I remember talking about the Path of Exile thing recently… Makes me want to play again, but I don’t dare until I get a better computer. Oh well… Thus is life. I also don’t really have time to get back into it. I was pretty deep in it for about 4-5 years right after it left beta, 10 years ago. Then kids happened and I realized that it wasn’t worth my time to play a dark A-RPG. I digress again, though… Good that major games like RDR and Elden Ring are getting plenty of love, as always. One thing you can generally count on in FOSS development is relatively incremental improvements happening on a regular basis. Enjoy your games, y’all.