FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)

This is a special FOSS Weekly edition as it focuses on Homelab. Wondering what is a homelab? Basically, it’s a dedicated computer(s) set up which resides in your home and serves various open source software on your local network. So, you run your own cloud storage, media server and a lot more.

What is a Homelab and Why Should You Have One?
Having a homelab setup has multiple advantages. Learn what it is and why you should consider a homelab for yourself.
FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)

That’s the simplest of the homelab. There is no limit to what you can do with a homelab. Just browse through the r/homelab subreddit and you’ll be amazed at what your peers are doing with their homelab.

In my opinion, when you have been using Linux on your personal computer for long and start wondering what should I do next, the homelab is the answer. Not only you get control over your data, you also enhance your skills. It could also help you reduce electronic waste by putting older hardware to some good use.

We are already covering tutorials on Raspberry Pi and local AI set up. You’ll be seeing more educational material on homelabs regularly on It’s FOSS.

Based on the feedback I received from the previous newsletter, it seems a good majority of It’s FOSS readers want regular recommendation on Android FOSS apps.

๐Ÿ’ฌ Let’s see what else you get in this edition:

  • The XZ Utils backdoor almost causing havoc.
  • Proxmox wasting no time in saving users from VMware.
  • And other Linux news, videos and, of course, memes!
  • This edition of FOSS Weekly is supported by Netdata.

โœจ Netdata: Tailored Monitoring Solutions for Home Lab Environments

Netdata is on a mission to revolutionize observability & make it universally accessible. Whether you are a startup or a multinational corporation, a business or a home lab user.

Benefit from the Homelab plan, where for the cost of a beer per month, you can get access to all Business features. Empower your projects with Netdata’s best.

Netdata: Monitoring and troubleshooting transformed
Netdata is a distributed real-time, health monitoring platform for systems, hardware, containers & applications, collecting metrics. Zero configuration needed.
FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)

๐Ÿ ๐Ÿ’ป Homelab! Sweet Homelab!

By now, you have some idea about what a homelab is. How do you get started with setting your own?

If you can spend some money, you can get Raspberry Pi or any other single board computer. However, recently, I got an excellent ‘plug and play’ Homelab device in the form of ZimaBoard.

ZimaBoard Turned My Dream of Owning a Homelab into Reality
Get control of your data by hosting open source software easily with this plug and play homelab device.
FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)

If you don’t have the budget, you can use older computers and servers for this purpose. If you have one lying around in your house, good. Otherwise, you may try getting a used one from eBay like websites in your country.

Once you have got the hardware, it’s time for the operating system. Now, you may install lightweight Linux distributions or simply go with server distros. But I think it will be easier if you try an operating system specially crafted for Homelab. Here are my recommendations:

  • Yunohost
  • CasaOS (by the makers of ZimaBoard)
  • UmbrelOS

If you are a bit experienced, you can have a rather advanced homelab setup using virtualization tools like Proxmox. My colleague Helder prefers this method. Here’s a good learning resource on Proxmox, if you are interested.

Getting Started With Proxmox
A tutorial searies that covers everything from installing and upgrading Proxmox to using it for creating and managing VMs.
FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)

When you are running too many services in your homelab, it may become difficult to manage them. This is where dashboard software come into the picture.

Dashy | Dashy
Dashy, the self-hosted dashboard app for your homelab
FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)

You have enough information now to plan your own homelab (if you want it). Happy homelabbing ๐Ÿ˜„


๐Ÿ“ฐ Linux news

  • Proxmox is taking full advantage of VMware’s recent missteps.
  • KDE has showcased a new note-taking app that might sound familiar.
  • Nitrux switching to Maui Shell from late-2024, parting ways with KDE Plasma.
  • Flowblade 2.14 is an important release that is building up towards a GTK4 port.
  • M17 announces new open-source hardware for amateur radio enthusiasts.

๐Ÿง  What weโ€™re thinking about

Talk of this week/month/year/decade is the very sophisticated supply chain attack to install a backdoor in XZ utility to compromise Linux servers running SSH.

How? The attacker gained trust by contributing to the project and became one of the main developers. He pushed some hidden malicious code which gets activated only in certain cases and impacts the SSH connections. And thus compromising the integrity of a Linux server.

The thing is that since it was all open source and hence it got detected by a Microsoft Engineer who noticed a 0.5 second delay with SSH.

Intriguing, isn’t it? Imagine if XZ Utils was a proprietary tool. This would have probably never been discovered.

The XZ Utils Backdoor in Linux: How it Happened
It was just moments before a disastrous security incident happened.
FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)

๐Ÿ“น What we are watching

Kenny sums up the recent xz backdoor fiasco.


โœจ Project highlights

Thorium, a Chromium fork that claims to be โ€œthe fastest browser on Earthโ€.

Thorium: The Fastest Open Source Chromium-based Browser?
Fast like Lightning McQueen?
FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)

๐Ÿงฉ New quiz unit

Time for some (web) development.

Open-Source Web Dev Tools: Quiz
Are you a web developer or want to be one? Check out some open-source tools that youโ€™re going to come across in your journey.
FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)

๐Ÿ’ก Quick handy tip

You can name Brave/Chrome browser windows to identify its purpose.

Right-Click on any empty space on the toolbar area and then select the โ€œName Windowโ€ option. Now, type the name you need and click โ€œOKโ€.

FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)

These windows will now be alphabetically shown on Brave/Chrome, when you hover over the icon on the taskbar.

FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)


๐Ÿคฃ Meme of the week

The XZ backdoor fiasco also resulted in a memefest

FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)

๐Ÿ—“๏ธ Tech Trivia

On April 1,2004. Gmail was launched as an invitation-only mail service that many thought was an April Fool’s prank. On that note, did you check out our recent prank?

Microsoft Decides to Promote Ubuntu to Windows 10 Users
What a day to be alive!
FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)

๐Ÿง‘โ€๐Ÿคโ€๐Ÿง‘ FOSSverse corner

Many FOSSers, including me, have been discussing the extent of the xz backdoor. You are encouraged to give your opinions too!

Xz utility had backdoor
Some of you might have come across the current hot topic in Linux world right now. The compression utility xz was backdoored in the recent versions and that too by one of its developers. He even tried pushing for the backdoored version to be included in the upcoming Ubuntu 24.04 and Fedora 41.
FOSS Weekly #24.14: Homelab Special Edition (and Discussing XZ Backdoor in Linux)

โค๏ธ With love

Share it with your Linux-using friendsย and encourage them to subscribe (hint:ย it’s here).

Share the articles in Linux Subreddits and community forums.

Follow us on Google News and stay updated in your News feed.

Opt forย It’s FOSS Plus membershipย and support us ๐Ÿ™

Enjoy using Linux ๐Ÿ˜„

Leave a Comment