FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)
This is a special FOSS Weekly edition as it focuses on Homelab. Wondering what is a homelab? Basically, it's a dedicated computer(s) set up which resides in your home and serves various open source software on your local network. So, you run your own cloud storage, media server and a lot more.
That's the simplest of the homelab. There is no limit to what you can do with a homelab. Just browse through the r/homelab subreddit and you'll be amazed at what your peers are doing with their homelab.
In my opinion, when you have been using Linux on your personal computer for long and start wondering what should I do next, the homelab is the answer. Not only you get control over your data, you also enhance your skills. It could also help you reduce electronic waste by putting older hardware to some good use.
We are already covering tutorials on Raspberry Pi and local AI set up. You'll be seeing more educational material on homelabs regularly on It's FOSS.
Based on the feedback I received from the previous newsletter, it seems a good majority of It's FOSS readers want regular recommendation on Android FOSS apps.
💬 Let's see what else you get in this edition:
- The XZ Utils backdoor almost causing havoc.
- Proxmox wasting no time in saving users from VMware.
- And other Linux news, videos and, of course, memes!
- This edition of FOSS Weekly is supported by Netdata.
✨ Netdata: Tailored Monitoring Solutions for Home Lab Environments
Netdata is on a mission to revolutionize observability & make it universally accessible. Whether you are a startup or a multinational corporation, a business or a home lab user.
Benefit from the Homelab plan, where for the cost of a beer per month, you can get access to all Business features. Empower your projects with Netdata's best.
🏠💻 Homelab! Sweet Homelab!
By now, you have some idea about what a homelab is. How do you get started with setting your own?
If you can spend some money, you can get Raspberry Pi or any other single board computer. However, recently, I got an excellent 'plug and play' Homelab device in the form of ZimaBoard.
If you don't have the budget, you can use older computers and servers for this purpose. If you have one lying around in your house, good. Otherwise, you may try getting a used one from eBay like websites in your country.
Once you have got the hardware, it's time for the operating system. Now, you may install lightweight Linux distributions or simply go with server distros. But I think it will be easier if you try an operating system specially crafted for Homelab. Here are my recommendations:
If you are a bit experienced, you can have a rather advanced homelab setup using virtualization tools like Proxmox. My colleague Helder prefers this method. Here's a good learning resource on Proxmox, if you are interested.
When you are running too many services in your homelab, it may become difficult to manage them. This is where dashboard software come into the picture.
You have enough information now to plan your own homelab (if you want it). Happy homelabbing 😄
📰 Linux news
- Proxmox is taking full advantage of VMware's recent missteps.
- KDE has showcased a new note-taking app that might sound familiar.
- Nitrux switching to Maui Shell from late-2024, parting ways with KDE Plasma.
- Flowblade 2.14 is an important release that is building up towards a GTK4 port.
- M17 announces new open-source hardware for amateur radio enthusiasts.
🧠 What we’re thinking about
Talk of this week/month/year/decade is the very sophisticated supply chain attack to install a backdoor in XZ utility to compromise Linux servers running SSH.
How? The attacker gained trust by contributing to the project and became one of the main developers. He pushed some hidden malicious code which gets activated only in certain cases and impacts the SSH connections. And thus compromising the integrity of a Linux server.
The thing is that since it was all open source and hence it got detected by a Microsoft Engineer who noticed a 0.5 second delay with SSH.
Intriguing, isn't it? Imagine if XZ Utils was a proprietary tool. This would have probably never been discovered.
📹 What we are watching
Kenny sums up the recent xz backdoor fiasco.
✨ Project highlights
Thorium, a Chromium fork that claims to be “the fastest browser on Earth”.
🧩 New quiz unit
Time for some (web) development.
💡 Quick handy tip
You can name Brave/Chrome browser windows to identify its purpose.
Right-Click on any empty space on the toolbar area and then select the “Name Window” option. Now, type the name you need and click “OK”.
These windows will now be alphabetically shown on Brave/Chrome, when you hover over the icon on the taskbar.
🤣 Meme of the week
The XZ backdoor fiasco also resulted in a memefest
🗓️ Tech Trivia
On April 1,2004. Gmail was launched as an invitation-only mail service that many thought was an April Fool's prank. On that note, did you check out our recent prank?
🧑🤝🧑 FOSSverse corner
Many FOSSers, including me, have been discussing the extent of the xz backdoor. You are encouraged to give your opinions too!
❤️ With love
Share it with your Linux-using friends and encourage them to subscribe (hint: it's here).
Share the articles in Linux Subreddits and community forums.
Follow us on Google News and stay updated in your News feed.
Opt for It's FOSS Plus membership and support us 🙏
Enjoy using Linux 😄
Source: It's FOSS