croc – another file transfer method

I have lost count of the number of times I have had to send a large file to someone at work, usually in a hurry. I’ve used Dropbox, ownCloud, Firefox Send (no longer available) etc. Transferring large files became a bit easier when e-mail service providers increased the size limit for attachments, but that is still not a solution for very large files. The xkcd cartoon FILE TRANSFER sums up the situation nicely.

I recently discovered the command line utility croc, which the author claims is a way to ‘easily and securely transfer stuff from one computer to another.’ I thought I’d give it a try, if only to have another tool to fall back on in an emergency. It does rely on both ends having croc installed, but hopefully that should not be a show-stopper as croc is available for Linux, Windows, macOS and BSD. To quote the author:

croc differs from a utility like scp because it doesn’t require any two computers to have enabled port-forwarding. Instead, croc will uses a relay – a temporary server setup locally (if both computers are on lan) or publicly (default is at croc4.schollz.com). Any two computers can connect to the relay, and after securing their channel with PAKE [password authenticated key exchange], they can transfer encrypted metadata and data through the relay. The relay works by first having the computers communicate the PAKE protocol via websockets, and then exchanging encrypted metadata, and then stapling the TCP connections directly so that they can transfer directly.

So, to use croc you will be dependent on the public relay provided by the author unless you set up your own relay (instructions are provided in the author’s original 2018 blog post introducing croc – see link above – and in various third-party articles about croc, such as ‘Securely Transfer Files and Folders Between Computers Using Croc‘ and ‘Transfer Files And Folders Between Computers With Croc‘).

Anyway, I installed croc in Lubuntu and Gentoo Linux from the author’s GitHub repository and indeed it is easy to use and works fine. The binary releases for the various OSs and Linux distributions can be found on the Releases page of the GitHub repository or via the OS package manager.

Lubuntu 20.10:

user $ wget https://github.com/schollz/croc/releases/download/v9.1.6/croc_9.1.6_Linux-64bit.deb
user $ sudo dpkg -i croc_9.1.6_Linux-64bit.deb

Gentoo Linux:

root # emerge net-misc/croc

(Note that croc ebuilds are not currently marked as Stable in the Gentoo Linux Portage tree, so you’ll have to unmask them by keyword if you are using the Stable branch.)

Termux:

I even installed croc in Termux on my Samsung Galaxy Note 20 Ultra 5G, and it works in Android too:

$ pkg install croc

Other OSs and other Linux distributions:

See the instructions in the README file online.

Using croc

Using croc is as simple as entering a command on one computer, informing (via e-mail, telephone, SMS, Signal or other social media) the person using the other computer of the command to use, and entering that command on the other computer. For example:

Sender

user $ croc send Documents/flight-times.ods
Sending 'flight-times.ods' (16.6 kB)
Code is: 8878-salary-courage-roger
On the other computer run

croc 8878-salary-courage-roger

Receiver

user $ croc 8878-salary-courage-roger
Accept 'flight-times.ods' (16.6 kB)? (Y/n) 

If the receiving user then enters ‘Y’, the sending user sees something similar to this:

user $ croc send Documents/flight-times.ods
Sending 'flight-times.ods' (16.6 kB)
Code is: 8878-salary-courage-roger
On the other computer run

croc 8878-salary-courage-roger

Sending (->192.168.1.74:60740)
 100% |████████████████████| (17/17 kB, 10.918 MB/s)
user $ 

and the receiving user sees something similar to this:

user $ croc 8878-salary-courage-roger
Accept 'flight-times.ods' (16.6 kB)? (Y/n) Y

Receiving (<-[::1]:39442)
 100% |████████████████████| (17/17 kB, 3.989 MB/s)
user $ 

The observant reader will notice that the above example shows a file being transferred on the same computer. When transferred between different computers the IP addresses of each computer will be displayed instead. I have used croc to transfer files between different computers on my home network (I would normally just use my NAS for this, though), between remote computers on the Internet, and between my computers and my phone via mobile broadband, and croc works in all cases.

I have not mentioned all croc’s features. I’ll leave you to read up on croc in more detail in the links I’ve given above. It looks like it might be a useful tool to have installed.

Using adb tools in Linux to remove bloatware from my Samsung Galaxy Note 20 Ultra

Samsung included a lot of bloatware on my Galaxy Note 20 Ultra 5G, and it is not possible to uninstall it using Play Store. However, it is possible to remove this stuff using adb tools. I got rid of the bloatware I don’t want very easily using the Linux version of the adb tools.

I have never had a Facebook account and never will, so I decided to remove all trace of it as follows:

1. Installed adb tools

In Lubuntu 20.10:

user $ sudo apt install android-tools-adb

In Gentoo Linux:

root # emerge dev-util/android-tools

2. Enabled ‘Developer Options’ on the phone

‘Settings’ > ‘About Phone’ > ‘Software Information’ and quickly tapped 7 times on ‘Build number’.

3. Enabled USB Debugging on the phone

‘Settings’ > ‘Developer options’, scrolled down and tapped on ‘USB debugging’.

4. Launched adb

user $ adb start-server
* daemon not running; starting now at tcp:5037
* daemon started successfully

5. Connected the phone to the computer using the USB cable

A few prompts on the phone asked whether or not I wanted to allow USB debugging. Tapped ‘Always allow from this computer’ and tapped ‘OK’.

6. Uninstalled Facebook

The packages I needed to uninstall were:

com.facebook.appmanager
com.facebook.katana
com.facebook.services
com.facebook.system

First I tried to uninstall with the ‘-k‘ option:

user $ adb uninstall -k --user 0 com.facebook.appmanager
The -k option uninstalls the application while retaining the data/cache.
At the moment, there is no way to remove the remaining data.
You will have to reinstall the application with the same signature, and fully uninstall it.
If you truly wish to continue, execute 'adb shell cmd package uninstall -k'.

See ‘Difference between pm clear and pm uninstall -k on Android

I have never been a member of Facebook and never will, so I dispensed with the ‘-k‘ option and entered the following commands:

user $ adb uninstall --user 0 com.facebook.appmanager
Success
user $ adb uninstall --user 0 com.facebook.katana
Success
user $ adb uninstall --user 0 com.facebook.services
Success
user $ adb uninstall --user 0 com.facebook.system
Success

I didn’t want the LinkedIn, Samsung Global Goals and Spotify apps either, so I uninstalled those too:

user $ adb uninstall --user 0 com.linkedin.android
Success
user $ adb uninstall --user 0 com.samsung.sree
Success
user $ adb uninstall --user 0 com.spotify.music
Success

7. Stopped the adb server on the computer

user $ adb kill-server

8. Unplugged the phone from the computer.

That’s it.

In order to disable the apps using this method, you will need to know the exact package name of the app you want to get rid of. For this, use Play Store and install App Inspector (there are several apps with this name in Play Store; I installed the app by Projectoria Ltd but the others look OK too). Launch App Inspector and you can find the package name under the name of the app. This starts with a ‘com‘ or ‘net‘ followed by words separated by dots.

For example, App Inspector shows the package name for LinkedIn as ‘com.linkedin.android‘.

Some useful links:

To get a list of all the packages installed on my phone:

user $ adb shell pm list packages

To get a list of system apps only:

user $ adb shell pm list packages -s

To get a list of only Samsung packages:

user $ adb shell pm list packages | grep samsung

To search for e.g. facebook packages:

user $ adb shell pm list packages | grep facebook

(Returns nothing now, as I already deleted all the Facebook packages. Yay!)

To search for other packages, e.g.:

user $ adb shell pm list packages | grep kids
package:com.samsung.android.kidsinstaller
package:com.sec.android.app.kidshome

Installing Linux on an old Motorola Xoom tablet

Motorola Xoom MZ604 tablet

Back in March 2012 I bought a Motorola Xoom Android tablet (Model MZ604 UK), when tablets were going to be the next big thing. It was available in two versions: 3G and Wi-Fi, and it was the latter version I purchased. When it was released in early 2011 the Xoom was state-of-the-art with its NVIDIA Tegra 2 chip, 1 GB RAM, 32 GB internal storage memory, microSD Card slot (up to 32 GB), Wi-Fi, Bluetooth, GPS, gyroscope, magnetometer, accelerometer, barometer and Android 3.0, trumping the first Apple iPad and Samsung’s Galaxy Tab. It has a 2 MP front-facing camera and 5 MP rear-facing camera that records 720p video, supports 720p video playback, has a 10.1-inch display (1280×800 pixels) and 3D graphics acceleration, and a micro HDMI port.

Apple launched the iPad 2 almost immediately after Motorola launched the Xoom, and the Xoom looked outclassed. By the time I bought my Xoom in March 2012 Motorola was already discounting it. Motorola issued a couple of Android updates for the UK Xoom before the company stopped supporting it, although I think mine lost its second update (Android 4.1.1, if I recall correctly) after I factory-reset it several years later when it became very sluggish. Anyway, ‘Settings’ > ‘About tablet’ tells me it currently has Android 4.0.4 installed.

It had been gathering dust on a shelf for several years until I decided to dust it off yesterday to see if there was anything useful I could still do with it (the answer is: not much). None of the apps on it can be upgraded. The version of the Play Store app can no longer access the Google app store. Even if it could, most of the apps in the app store cannot run in Android 4.0.4. The YouTube app cannot access YouTube. The Web browser cannot browse many modern Web sites and can no longer download files either, displaying a message that the browser is no longer supported and must be updated — except that it cannot be. The Google Talk app no longer works since Google pulled the plug on its Talk service (not that I ever used Google Talk anyway). The Gmail app still works, but I don’t use Gmail either. The Maps app still works, as do the Music and Gallery apps.

I connected the Xoom to my desktop machine using a USB cable (Type-A to Micro-USB) and was able to copy files quickly and easily to and from the Xoom. I systematically set about finding versions of Android APK files on the Web that the Xoom would be able to install. APKPure for Android is one of several Web sites to find older versions of APK files. The latest versions I found that the Xoom could install are as follows:

Google Chrome browser

com.android.chrome-42.0.2311.111-2311111-minAPI14.apk

This old version of the Google Chrome browser works better than the browser supplied with Android 4.0.4 on the Xoom but is still not much use, as it cannot browse many sites and cannot download files either. It can access YouTube and play some of the videos, which is some consolation given that neither the browser nor the YouTube apps supplied with Android 4.0.4 can access YouTube any more.

File Manager + (an excellent Android app, by the way)

File Manager_v2.6.0_apkpure.com.apk

This older version of File Manager + works well in Android 4.0.4 on the Xoom, and even enables me to browse files on my Cloud server via WebDAV, although the Xoom cannot open hi-res photos (4032×3024 etc.) via WebDAV. This version of File Manager + supports SMBv1 but not later versions of the protocol, so I cannot browse SMB shares on my home network, as all my machines use either SMBv2 or SMBv3. Pity.

Total Commander

Total Commander file manager_v3.20_apkpure.com.apk
WebDAV plugin Total Commander_v3.01_apkpure.com.apk
LAN plugin for Total Commander_v3.20_apkpure.com.apk

Although I find Total Commander’s UI rather old-fashioned, with the WebDAV and LAN plugins installed I can browse files on my Cloud server via WebDAV, and browse files on my NAS via SMBv2/v3. So Total Commander works well, and the Xoom can open hi-res photos (4032×3024 etc.) via either protocol.

NewPipe legacy (forked by sh000gun to work with Android 4.0+)

NewpipeLegacy-armeabi-v7a-API-14.apk

This open-source YouTube app works in Android 4.0.4 on the Xoom and allows me to view some YouTube videos, although the app tends to crash quite often. Still, it is better than the YouTube app supplied with Android 4.0.4 on the Xoom, as that does not work at all and cannot be upgraded.

Linux

The following Android apps enabled me to root the Xoom and install and run an old version of Linux in a chroot:

BusyBox_v64_apkpure.com.apk

Linux Deploy_v2.5.0_apkpure.com.apk

VNC Viewer Remote Desktop_v2.1.1.019679_apkpure.com.apk

Those were the most-recent versions of the BusyBox, Linux Deploy and VNC Viewer apps for Android that the Xoom could manage to install.

Motorola Xoom MZ604 tablet

I downloaded the tarball LAIOT.tar.gz from the following Web page and extracted the file TiamatCWM.img from it:

https://sourceforge.net/projects/laiot/files/LAIOT.tar.gz/download?use_mirror=phoenixnap&r=&use_mirror=master

Note: Do NOT try to run the shell scripts in LAIOT, because they are out of date and will mess up the ADB and Fastboot tools in Linux on the desktop machine.

To be able to install Linux it was first necessary to root Android 4.0.4 on the Xoom. I used a modified version of the procedure given in the 2014 blog post Motorola Xoom Root on Linux:

• I installed ADB and Fastboot on a desktop machine running Lubuntu 20.10:

user $ sudo apt install adb
user $ sudo apt install fastboot

• I enabled the USB Debugging mode on the Xoom (‘Settings’ > ‘Developer options’).
• I downloaded the file Xoom-Universal-Root.zip from XDA Developers Forums thread [Root] Universal Xoom Root – ANY XOOM ANY UPDATE. The main link in that thread no longer works but a link in Post #411 in the thread still downloads the file.
• I inserted a 32 GB microSD card in the Xoom microSD Card slot.
• I connected the Xoom to the desktop machine via a USB cable.
• I copied the file Xoom-Universal-Root.zip to the microSD card.
• I checked connectivity:

user $ adb devices
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
List of devices attached 
0299918743aad023        device

• I reboot the Xoom:

user $ adb reboot bootloader

• ‘Starting Fastboot protocol support’ was displayed on the Xoom’s boot screen. I typed the following commands on the desktop machine:

user $ fastboot oem unlock

• In response to a question on the text screen on the Xoom I pressed Volume Down (accept) then Volume Up (confirm).
• I repeated the process to confirm, i.e. I pressed Volume Down (accept) then Volume Up (confirm).
• ‘Device unlock operation in progress’ appeared on the Xoom screen and the Xoom rebooted.
• The bootloader was now unlocked.
• I typed the following commands on the desktop machine:

user $ adb reboot bootloader
user $ fastboot flash recovery TiamatCWM.img

• When flashing was complete I rebooted the Xoom by pressing Volume Up + the ON/OFF button.
• Upon booting, when the Motorola logo appeared I pressed Volume Down.
• ‘Android Recovery’ appeared in the top left corner of the screen.
• I pressed Volume Up to enter recovery mode.
• This mode is called ‘ClockworkMod recovery’. I selected ‘Install zip from sdcard’ > ‘Choose zip from sdcard’, then selected the zip file I had downloaded earlier to the microSD card (Use Volume Up/Down to navigate and ON/OFF to select).
• I rebooted, and root access was enabled. I verified this by downloading the Android app ‘Root Checker_v6.5.0_apkpure.com.apk’, copying it to the Xoom via USB, installing it and launching the app.

Now that the Xoom had been rooted, I could proceed with installing Linux in a chroot. To do this I followed the procedure given in the 2017 Android Authority article How to install a Linux desktop on your Android device. In the Linux Deploy app I selected ‘Ubuntu’ as the distribution, ‘Precise [Pangolin]’ as the distribution suite, and LXDE as the desktop environment. I installed the three apps BusyBox, Linux Deploy and VNC Viewer, launched the BusyBox app and tapped ‘Install’. Then I launched Linux Deploy, tapped the configuration icon next to the STOP button in the top right of the screen and configured Linux Deploy as follows:

BOOTSTRAP

	Distribution
	Ubuntu

	Architecture
	armhf

	Distribution suite
	precise

	Source path
	http://ports.ubuntu.com/

	Installation type
	File

	Installation path
	${EXTERNAL_STORAGE}/linux.img

	Image size (MB)
	Automatic calculation

	File system
	ext4

	User name
	root

	User password
	android

	Privileged users
	root

	Localization
	C

	DNS
	Automatic detection

	Network trigger

	Power trigger

INIT

	Enable
	Allow to use a initialization system  <--- NOT TICKED

	Init system
	run-parts

	Init settings
	Change settings for the initialization system

MOUNTS

	Enable
	Allow to mount the Android resources  <--- NOT TICKED

	Mount points
	Edit the mount points list

SSH

	Enable
	Allow to use a SSH server  <--- NOT TICKED

	SSH settings
	Change settings for SSH server

PULSEAUDIO

	Enable
	Allow to use an audio output  <--- NOT TICKED

GUI

	Enable
	Allow to use a graphical environment  <--- TICKED

	Graphics subsystem
	VNC

	GUI settings
	Change settings for the graphics subsystem

	Desktop environment
	LXDE

Then I tapped the three-dot icon in the top right of the screen, tapped ‘Install’ then ‘OK’. Once the messages on the screen stopped scrolling and a final message ‘<<< deploy’ was displayed, I tapped the START arrow and ‘OK’.

Linux Deploy running on the Motorola Xoom MZ604 tablet

I launched VNC Viewer, tapped the ‘+’ icon to add a new connection, entered ‘localhost:5900’ for the address and ‘Linux’ for the name, tapped ‘CREATE’ then ‘CONNECT’. From there I was prompted to enter the password I had specified previously under ‘User password’ (see above), and the LXDE Desktop was displayed.

Motorola Xoom MZ604 tablet running Ubuntu Precise Pangolin with LXDE in a chroot

After following the procedure in the above-mentioned article to configure and install the Linux image, subsequently I use the following steps to start and stop Linux on the Xoom:

To start Linux on the Xoom, use Linux Deploy.
Press the ‘START’ arrow at the top right of the Linux Deploy screen.
Then open VNC and press ‘Connect’.

To exit Linux on the Xoom, use Linux Deploy.
Tap the square ‘STOP’ button at the top right of the Linux Deploy screen.
Tap ‘OK’ to ‘Stop services & unmount the container’.
Then tap the menu button (three horizontal bars) at the top left of the Linux Deploy screen.
Tap ‘Exit’.

To exit VNC Viewer:
Press the ‘Recent Apps’ icon (two overlapping rectangles) at the bottom left of the Xoom’s Android screen.
Swipe to the left to close the app.

The phone name assigned automatically by Android on my new phone prevented Bluetooth pairing and connecting in Linux

I recently installed Lubuntu 20.10 on a desktop machine, but Bluetooth did not work with my new phone (Samsung Galaxy Note 20 Ultra with Android 11). Bluetooth had worked fine in Lubuntu 18.04 on the same desktop machine with my previous Android phone (Samsung Galaxy Note 8 with Android 9).

The first thing I discovered was that, although the Lubuntu 20.10 Installer had installed Bluez, it had not installed a Bluetooth manager, so I installed Blueman:

$ sudo apt install blueman

Then, I re-installed Bluez just to be sure:

$ sudo apt install --reinstall bluez

The Bluetooth device was detected but Lubuntu 20.10 would not pair with my new phone.

The Bluetooth device was definitely unblocked:

$ rfkill --output-all
ID TYPE      DEVICE TYPE-DESC         SOFT      HARD
 1 wlan      phy0   Wireless LAN unblocked unblocked
 2 bluetooth hci0   Bluetooth    unblocked unblocked

Now, the phone name Android 11 had assigned automatically to my new phone was Fitzcarraldo’s Galaxy Note20 Ultra 5G. After trying many things, I began to wonder if the apostrophe in the phone name was causing the problem, so I changed the name in the phone (Settings > About phone > Edit) to Fitzcarraldo Galaxy Note20 Ultra 5G. Blueman/Bluez were then able to pair with, and connect to, the phone. Problem solved, but what a silly cause.

Why I switched from WhatsApp to Signal

I had avoided WhatsApp until late 2017 when one of my family installed it on my phone with the promise I would find it useful to keep in touch during a two-month work trip. Actually, it turned out to be more useful for work, as WhatsApp is the preferred method of communication at the company I visited on that trip.

Now, I was aware that Facebook acquired WhatsApp in 2014 for US$19 billion. I do not have a Facebook account and have no intention of getting one, and the fact Facebook owns WhatsApp was one of the reasons I had been reluctant to install WhatsApp in the first place. However, it didn’t take me long to like WhatsApp. The UI is very well designed, the functionality excellent and WhatsApp Web is easy and convenient to use. WhatsApp is a polished product, no doubt about that. The end-to-end encryption of WhatsApp messages is comforting, although that was not my main reason for using it. Offhand I can only think of one function I find annoying in the WhatsApp UI: when you forward a message containing an image, there is no automatic way to include the text accompanying the original message.

Recently I have read several articles stating that Facebook intends to display advertising in WhatsApp from 2020 onwards. I am sick and tired of ‘surveillance capitalism‘ tracking me and bombarding me with advertising on the Web, and this news prompted me to search for a replacement for WhatsApp. A newspaper article mentioned Signal, which I learned happens to be the source of the encryption protocol used by WhatsApp. I also learned that WhatsApp co-founder Brian Acton, who left Facebook in 2017, is Executive Chairman of the Signal Foundation, which he co-founded with the creator of Signal in 2018. So I decided to give Signal a try, and was pleasantly surprised as the UI is very similar to WhatsApp. OK, it’s not quite as polished aesthetically, but it was easy to use from the get-go.

I initially found Signal’s security-related functionality confusing. I was not sure what the so-called ‘Safety Number‘ per contact does. It turns out that you can ensure your connection with a given contact is secure by ‘verifying the Safety Number’ with that contact. From then onwards ‘Verified‘ will appear next to the contact’s name and phone number at the top of the conversation window. Verifying the Safety Number is optional, which was not clear to me initially. Each contact’s Safety Number is actually a 3 x 4 table of 5-digit numbers. You should compare the Safety Number in your app with the Safety Number in your contact’s app in a way that prevents someone intercepting you both; you can either scan a QR Code or make a visual or audible comparison of the Safety Number in your app with the Safety Number in your contact’s app. If both Safety Number tables match, you can both click on ‘Mark as verified’ in your app. The app will then warn you if a safety number has been changed because someone is intercepting your conversation (a so-called ‘man-in-the-middle’ attack).

The other security-related function I found confusing initially is resetting a session (‘Settings’ > ‘Reset session’). It is normally not necessary for you to touch this, but, if for some reason the encryption keys between two contacts no longer match (the Signal app would notify you if that occurs), either party can reset their session and force Signal to negotiate a new session.

Unlike WhatsApp, Signal does not have a Web browser UI to use on desktop machines. It used to have such an interface (using Google’s Chrome browser) but now there is a Signal desktop app instead, with versions available for Windows, Mac OS and Linux. I have Gentoo Linux on my laptops and Lubuntu Linux on the family desktop, so I have installed the Linux desktop Signal app on those machines.

Unlike WhatsApp, the phone app and the desktop app do not sync earlier messages. By this I mean that, if you install the desktop app and launch it, you will not see any earlier messages that are visible in the phone app. Similarly, if you delete a message in the phone app it will not be deleted in the desktop app, and vice versa. This is a bit of a nuisance, but is OK once you get used to it. Perhaps this has been done with security as well as storage capacity in mind; Signal stores as little of your data as possible on its servers.

Below are a few aspects of Signal functionality that I prefer over WhatsApp:

  • In the phone app it is possible to set the colour of the background (‘wallpaper’) for contacts, not just the top-level page. Thus I have made the background black for contacts to help a little to conserve the phone’s battery charge.
  • When I forward a message that includes an image, Signal includes the original text as well as the image. Further more, it gives me the opportunity to edit the message text before actually forwarding the message.
  • When I forward a message containing an image, the whole image is displayed. For example, recently someone sent me a WhatsApp message containing a cartoon which I did not understand; I did not realise there was a caption until I tapped on the image to expand it. When I forwarded the message to a Signal contact (by selecting the message in WhatsApp and tapping the Share icon), the caption at the bottom of the cartoon was visible in the resulting Signal message without needing to tap on the image.
  • The Signal phone app lets you disable link previews (a.k.a. ‘URL previews’) easily in Settings, whereas you cannot disable link previews in WhatsApp (see Should WhatsApp let you disable URL previews?).
  • Signal allows you to specify a message lifetime (‘Disappearing messages’). You can specify that messages will never be deleted automatically, or will be deleted after a certain time has elapsed (user-selectable from 5 seconds up to 1 week).
  • Although WhatsApp uses Signal’s encryption technology, unlike Signal it does not encrypt backups.
  • Unlike WhatsApp, Signal does not store message metadata.
  • Signal is fully open-source (and free of charge, with a promise of no advertising). WhatsApp is closed-source.
  • The icons of contacts are obtained from your phone’s contact list, not specified within the app itself. Some of my WhatsApp contacts have not bothered to create an icon in WhatsApp, but I had set up an icon for them in my phone’s contact list, and that icon is used in Signal.

Below are a few aspects of WhatsApp functionality that I prefer over Signal:

  • Signal has the ability to show link previews for a few Web sites (currently for Imgur, Instagram, Reddit, and YouTube only), whereas WhatsApp shows them for all sites. (From a security perspective some people might regard this as a disadvantage of WhatsApp.)
  • I prefer the white/green ticks in WhatsApp to the unfilled/filled circles with ticks in Signal, but that is purely an aesthetic opinion.
  • WhatsApp syncs all messages between the phone app and the Web UI, not just new messages, whereas Signal just syncs the messages sent and received since you installed the desktop app. (From a Security perspective some people might regard this as an advantage of Signal over WhatsApp.)

Conclusion

In general I find Signal as good as WhatsApp, if not better. I had been worried I would not find an alternative to WhatsApp that is as easy to use and as intuitive. In fact Signal is very good, and, once you understand the security features I mentioned above, it is essentially the same as WhatsApp, which was a relief to me as I like the general concept of the WhatsApp UI.

At the moment I am having to use both WhatsApp and Signal because some of my contacts only use WhatsApp, but I have already persuaded some contacts to switch to Signal and I anticipate more will migrate to Signal once WhatsApp begins displaying adverts next year.

A correct method of configuring Samba for browsing SMB shares in a home network

SMB
SMB (Server Message Block) is the underlying protocol that Microsoft Windows computers use to connect to resources, such as file shares and printers, and to transfer information when the connections are established. Samba is the Linux implementation of SMB that allows file and printer information to be transferred between Windows and Linux computers. An early variant of the SMB protocol is known as ‘CIFS’ (Common Internet File System). CIFS is actually obsolete, so the correct term to use these days is ‘SMB’ (see the blog post Why You Should Never Again Utter The Word, "CIFS"), although ‘CIFS’ is still used sometimes when referring to SMB.

Terminology
You are likely to come across several terms when reading about Samba, such as NetBIOS, Active Directory (AD), Lightweight Directory Access Protocol (LDAP), Kerberos, Windows Internet Name Service (WINS) and Winbind, to name but a few. Most are used in larger corporate or enterprise networks but you can ignore most of them – only broadcast NetBIOS name resolution or WINS are necessary to configure Samba in small home networks. For example, my home network uses broadcast NetBIOS name resolution and sometimes has up to 15 devices connected (Linux, Windows 7/10, macOS, Android and iOS), all of which can browse file shares using SMB/Samba.

Note: You should not use Broadcast NetBIOS Name Resolution and WINS at the same time.

To explain the terminology – Active Directory is a central database of user accounts and passwords used primarily in Windows networks to authenticate users, and LDAP is the protocol that clients and servers use to access the Active Directory database. Kerberos is a separate encrypted authentication mechanism used for client-server applications, such as computers that access a specific file or web server, or SQL database. WINS is a mechanism for storing Windows computer name to IP address mappings on a central server – the WINS Server. Computers in a LAN interrogate the WINS server to obtain the IP addresses of other computers. It’s a bit like DNS except that the WINS Server stores Windows computer names rather than URLs or domain names. Winbind is a Unix/Linux mechanism that allows Windows NT accounts to look like a Unix service to Unix/Linux machines.

NetBIOS
How is NetBIOS relevant to Samba? Samba uses NetBIOS in three different ways:

  1. NetBIOS over UDP Port 137 to advertise Windows computer names for name to IP address resolution;

  2. NetBIOS over UDP Port 138 to advertise services that the computer offers and to elect a ‘Master Browser’ (explained below);

  3. SMB over NetBIOS over TCP/IP Port 139 to connect to file shares or printers. Once connected, the computers may negotiate using SMB direct over TCP/IP Port 445 to improve efficiency of the connection.

NetBIOS over UDP (Port 137) is a connectionless broadcast protocol that Windows machines use to advertise over the LAN their names and corresponding IP addresses. Other computers receive the broadcasts and cache the names and IP addresses in a name to IP address mapping table.

NetBIOS over UDP (Port 138) is a connectionless broadcast protocol that Windows machines use to advertise their eligibility to become the Master Browser or Backup Browser for a Windows Workgroup in the LAN. An automatic election process elects only one machine in a Workgroup to become the Master Browser for that workgroup, and elects one or more ‘Backup Browsers’ in the Workgroup. The Master Browser and Backup Browser(s) collate a list of all the computers in the Workgroup and the services that they offer. It is more efficient for a single computer to assume the master role and to collate the information than it is for the information to remain distributed. When you click on ‘Network’ in File Explorer’s ‘Network Neighbourhood’ window, your computer interrogates the Master Browser(s) to obtain a list of the Windows Workgroups in the LAN, the members of the Workgroup(s) and the file and printer services that each Workgroup member offers. If the Master Browser fails or is disconnected, a re-election takes place and a new Master Browser is elected from the list of Backup Browsers in that Workgroup. The same process occurs if you are using a Linux file manager (Dolphin in KDE, Nautilus in GNOME, etc.) with Samba. You can configure the ‘priority’ of the Samba server in each machine in the Workgroup so that it is either more likely or less likely to be elected the Master Browser for the Workgroup. You could even configure Samba on a Linux machine so that it will never be a Master Browser. (It is also possible to configure a Windows machine so that it will never be a Master Browser.)

     Renamed ‘Entire Network’ in some versions of Windows.
     Renamed ‘My Network Places’ or simply ‘Network’ in some versions of Windows.

SMB over NetBIOS over TCP/IP (Port 139) is a connection orientated protocol that Windows computers use to connect to file shares and printers, to retrieve directory listings and to transfer files. Having obtained a list of computers and file shares from the Master Browser, if you click on a particular file share to connect to it, your computer looks up the name of the target computer in the local name table, obtains the target computer’s IP address and initiates a SMB over NetBIOS over TCP/IP connection to it. The target computer then issues a username and password prompt for you to complete the connection. If authentication is successful, the SMB protocol is used to transfer a directory listing of the contents of the share. If you drag and drop a file from the share to your local machine, or vice-versa, SMB is used to transfer the file. Behind the scenes, during the initial connection set-up, your computer and the target carry out a negotiation. If both machines support SMB direct over TCP/IP, the directory listing and subsequent file transfer are transported using SMB over TCP/IP Port 445. This is much more efficient because it eliminates completely the NetBIOS overhead.

When you install and configure Samba on a Linux computer, the ‘smbd‘ and ‘nmbd‘ daemons enable all of the functionality above. In a small network you do not need to enable or use AD, LDAP, Kerberos, WINS, Winbind or anything else for that matter. Samba and its built-in NetBIOS mechanisms will allow you to participate in a Windows Workgroup environment to share and use folders, files and printers.

Workgroups
The majority of Windows computers running in home networks are configured, by default, in a single Workgroup. A Workgroup is a simple way for computers in small networks to advertise and share resources, such as folders and printers, with other members of the same group. You can configure multiple Workgroups in the same LAN but each computer can belong to only one Workgroup. The theory is that different computers can share different resources within their group.

Please Note: A Windows Workgroup is not the same thing as a Windows HomeGroup. The latter concept was introduced in Windows 7 and is an ‘evolution’ of the Workgroup concept, in which you share folders and files but specify a pre-determined group password. All computers wishing to join the HomeGroup specify the same password to connect to the resources in that group. Samba does not participate in Windows HomeGroups because the latter is a Windows-only feature.

Configuring Samba
Firstly, install Samba on the Linux computer. Use Samba 4 and avoid Samba 3, which is obsolete. I have several laptops and a Network Addressable Storage (NAS) server, all running Linux with various releases of Samba 4. I also have a desktop computer running Windows 10 for family use. In addition, family and friends connect various laptops running Windows 7 and Windows 10 to my home network, as well as tablets and smartphones (see How to Access Shared Windows Folders on Android, iPad, and iPhone). This NAS runs 24/7 so I could have configured Samba to always make it the Master Browser but this is not necessary as the remaining computers in the network will elect a new Master Browser should the NAS fail.

Below is a summary of the steps to configure Samba in a Windows Workgroup:

  1. Configure the same Workgroup name on all of the Windows computers (for example, How to Change Workgroup in Windows 10). The default Windows 10 Workgroup is called ‘WORKGROUP‘. In the example further down I used the Windows GUI to change the Workgroup name to ‘GREENGABLES‘. There is plenty of information on the Internet about how to configure Windows file sharing so I won’t repeat any of it here (for example, How to Enable Network Discovery and Configure Sharing Options in Windows 10 and How to set up file sharing on Windows 10 (Share files using File Explorer)).

  2. Configure Samba on the Linux machines by editing the file ‘/etc/samba/smb.conf‘ on each. The contents of the file ‘smb.conf‘ are shown below for a Linux NAS and two Linux laptops. The NetBIOS name of the NAS is ‘akhanaten‘ and the laptops are ‘tutankhamun‘ and ‘smenkhkare‘. You can use either of the smb.conf files of the two laptops as a template for the smb.conf file of any Linux computer in your own home network. You can ignore the smb.conf file of the NAS if you simply want to be able to browse SMB/Samba shares on other computers in your home network.

  3. Use the command ‘pdbedit‘ on each Linux machine to define and configure the Samba users on that machine. The command ‘smbpasswd‘ is an alternative to ‘pdbedit‘ but I recommend you use the latter, as ‘smbpasswd‘ is deprecated. Each Samba user must exist as a Linux user because it is the Linux users who own the shares and are used for authentication.

  4. The NAS has Linux users ‘anne‘, ‘marilla‘, ‘matthew‘ and ‘guest‘, whereas each of the laptops has a Linux user ‘anne‘. The user name does not have to be the same on different computers.

  5. The purpose of each variable in ‘smb.conf‘ is explained on the applicable Samba manual page (enter the command ‘man smb.conf‘ in a terminal window) and the Samba documentation page for smb.conf on the Web.

Furthermore, make sure the Winbind daemon is not running. If Winbind is installed, make sure the service is not running and is disabled.

smb.conf of NAS running Ubuntu Server Edition:

[global]
# SMB uses ports 139 & 445, as explained in this blog post
smb ports = 139 445
netbios name = akhanaten
workgroup = greengables

# Use either NetBIOS broadcast for name resolution or entries in the /etc/hosts file
name resolve order = bcast host

# Don't care if the workgroup name is upper or lower case
case sensitive = no

# User authentication is used to access the shares
security = user
map to guest = bad user
guest account = guest

# Don't allow the use of root for network shares
invalid users = root

# Domain master only applies to LANs that are inter-connected across a WAN
domain master = no

# This machine is eligible to be a Master Browser and its priority is 4
# (the higher the os level, the more preferred to be Master Browser)
# (the maximum allowable value for os level is 255)
preferred master = yes
os level = 4
dns proxy = no

# Always advertise the shares automatically
auto services = global

# Interfaces on which to listen for NetBIOS broadcasts and to allow SMB connections
# Include "lo" because it is the internal interface
# em1 is the name of the Ethernet interface, found using the ifconfig command
interfaces = lo em1
bind interfaces only = yes
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0

panic action = /usr/share/samba/panic-action %d
server role = standalone server
passdb backend = tdbsam
obey pam restrictions = yes

# Don't synchronise the Linux and Samba user passwords - they can be different
unix password sync = no
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes

# This Samba configuration does not advertise any printers
load printers = no

# File to map long usernames to shorter Unix usernames, if necessary
username map = /etc/samba/smbusers

# Allow guest user access if specified in the shares
guest ok = yes

# First user share is called "anne" - only user "anne" specified below can connect to the share
[anne]
comment = "anne share"
path = /nas/shares/anne
writeable = yes
valid users = anne

# Second user share is called "marilla" - only user "marilla" specified below can connect to the share
[marilla]
comment = "marilla share"
path = /nas/shares/marilla
writeable = yes
valid users = marilla

# Third user share is called "matthew" - only user "matthew" specified below can connect to the share
[matthew]
comment = "matthew share"
path = /nas/shares/matthew
writeable = yes
valid users = matthew

# Fourth user share is called "guest" - any user can connect to the share
[guest]
comment = "guest account"
path = /nas/shares/guest
writeable = yes
guest ok = yes
valid users = guest anne marilla matthew

smb.conf of laptop #1 running Gentoo Linux:

[global]
;no need to specify 'smb ports' as ports 139 & 445 used by default
workgroup = GREENGABLES
netbios name = tutankhamun
case sensitive = no
browseable = yes

;If this machine becomes a Master Browser, the following parameter allows it to hold the browse list
browse list = yes

printcap name = cups
printing = cups

log file = /var/log/samba/log.%m
max log size = 50

security = user
map to guest = bad user

encrypt passwords = yes
passdb backend = tdbsam

domain master = no
local master = yes
preferred master = yes
; os level = 6 on the other laptop, so I have made it 5 on this laptop.
os level = 5
name resolve order = bcast
wins support = no
dns proxy = no

;Listen for NetBIOS on Ethernet and Wireless interfaces
;Names of the interfaces found using ifconfig command
interfaces = enp4s0f1 wlp3s0

[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = yes

[printers]
comment = All Printers
path = /var/spool/samba
guest ok = yes
printable = yes
create mask = 0700

[print$]
path = /var/lib/samba/printers
write list = @adm root
guest ok = yes

[anne-share]
path = /home/anne/anne-share/
guest ok = yes
;read only = no
writeable = yes
browseable = yes
valid users = anne

[Public]
path = /home/anne/Public/
guest ok = yes
;read only = no
writeable = yes
browseable = yes

smb.conf of laptop #2 running Gentoo Linux:

[global]
;no need to specify 'smb ports' as ports 139 & 445 used by default
workgroup = GREENGABLES
netbios name = smenkhkare
case sensitive = no
browseable = yes

;If this machine becomes a Master Browser, the following parameter allows it to hold the browse list
browse list = yes

printcap name = cups
printing = cups

log file = /var/log/samba/log.%m
max log size = 50

security = user
map to guest = bad user

encrypt passwords = yes
passdb backend = tdbsam

domain master = no
local master = yes
preferred master = yes
; os level = 5 on the other laptop so I have made it 6 on this laptop
os level = 6
name resolve order = bcast
wins support = no
dns proxy = no

;Listen for NetBIOS on Ethernet and Wireless interfaces
;Names of the interfaces found using ifconfig command
interfaces = eth0 wlan0

[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = yes

[printers]
comment = All Printers
path = /var/spool/samba
guest ok = yes
printable = yes
create mask = 0700

[print$]
path = /var/lib/samba/printers
write list = @adm root
guest ok = yes

[anne-share]
path = /home/anne/share-share/
guest ok = yes
;read only = no
writeable = yes
browseable = yes
valid users = anne

[Public]
path = /home/anne/Public/
guest ok = yes
;read only = no
writeable = yes
browseable = yes

Samba Commands
The following are Samba commands you can use on any of the Linux computers to find information on the Samba shares.

The ‘smbtree‘ command lists the computers currently using SMB in the local network:

user $ smbtree
GREENGABLES
        \\AKHANATEN                     Samba 4.3.11-Ubuntu
                \\AKHANATEN\IPC$                IPC Service (Samba 4.3.11-Ubuntu)
                \\AKHANATEN\guest               guest account
                \\AKHANATEN\matthew             matthew share
                \\AKHANATEN\marilla             marilla share
                \\AKHANATEN\anne                anne share
        \\SMENKHKARE                    Samba 4.2.14
                \\SMENKHKARE\Samsung_CLX-8385ND Samsung CLX-8385ND
                \\SMENKHKARE\Canon_MP510_Printer        Canon MP510 Printer
                \\SMENKHKARE\Virtual_PDF_Printer        Virtual PDF Printer
                \\SMENKHKARE\Canon_MP560_WiFi   Canon MP560 WiFi
                \\SMENKHKARE\IPC$               IPC Service (Samba 4.2.14)
                \\SMENKHKARE\Public         
                \\SMENKHKARE\anne-share     
                \\SMENKHKARE\print$         
                \\SMENKHKARE\netlogon           Network Logon Service
        \\TUTANKHAMUN                   Samba 4.2.11
                \\TUTANKHAMUN\Samsung_Xpress_C460FW     Samsung Xpress C460FW
                \\TUTANKHAMUN\Canon_MP560_Printer       Canon PIXMA MP560
                \\TUTANKHAMUN\Canon_MP510_Printer       Canon PIXMA MP510
                \\TUTANKHAMUN\Virtual_PDF_Printer       Virtual PDF Printer
                \\TUTANKHAMUN\IPC$              IPC Service (Samba 4.2.11)
                \\TUTANKHAMUN\Public
                \\TUTANKHAMUN\anne-share
                \\TUTANKHAMUN\print$
                \\TUTANKHAMUN\netlogon          Network Logon Service
HOME
        \\BTHUB5                        BT Home Hub 5.0A File Server
                \\BTHUB5\IPC$                   IPC Service (BT Home Hub 5.0A File Server)

BTHUB5‘ is a BT Home Hub 5 (a network router and broadband modem). Notice that it is configured by default to be in a Windows Workgroup named ‘HOME‘. The BT Home Hub 5 has a USB port to which an external USB HDD could be attached, so I assume computers in the home network could have been configured to use the HOME Workgroup instead of GREENGABLES and hence access that USB HDD, i.e. use it as a NAS. However, no HDD is attached to the BT Home Hub 5, so just ignore the BTHUB5 device and the HOME Workgroup.

The ‘nmblookup‘ command is used to see which services each computer offers. The strings ‘..__MSBROWSE__.‘ and ‘<1d>‘ in the output indicate that the computer is currently the Master Browser (see the Microsoft TechNet article NetBIOS Over TCP/IP for details):

user $ nmblookup akhanaten
192.168.1.70 akhanaten<00>

user $ nmblookup -A 192.168.1.70
Looking up status of 192.168.1.70
        AKHANATEN       <00> -         B <ACTIVE>
        AKHANATEN       <03> -         B <ACTIVE>
        AKHANATEN       <20> -         B <ACTIVE>
        GREENGABLES     <00> - <GROUP> B <ACTIVE>
        GREENGABLES     <1e> - <GROUP> B <ACTIVE>

        MAC Address = 00-00-00-00-00-00

user $ nmblookup tutankhamun
192.168.1.79 tutankhamun<00>

user $ nmblookup -A 192.168.1.79
Looking up status of 192.168.1.79
        TUTANKHAMUN     <00> -         B <ACTIVE>
        TUTANKHAMUN     <03> -         B <ACTIVE>
        TUTANKHAMUN     <20> -         B <ACTIVE>
        GREENGABLES     <00> - <GROUP> B <ACTIVE>
        GREENGABLES     <1e> - <GROUP> B <ACTIVE>

        MAC Address = 00-00-00-00-00-00

user $ nmblookup smenkhkare
192.168.1.90 smenkhkare<00>

user $ nmblookup -A 192.168.1.90
Looking up status of 192.168.1.90
        SMENKHKARE      <00> -         B <ACTIVE>
        SMENKHKARE      <03> -         B <ACTIVE>
        SMENKHKARE      <20> -         B <ACTIVE>
        ..__MSBROWSE__. <01> - <GROUP> B <ACTIVE> 
        GREENGABLES     <00> - <GROUP> B <ACTIVE>
        GREENGABLES     <1d> -         B <ACTIVE>
        GREENGABLES     <1e> - <GROUP> B <ACTIVE>

        MAC Address = 00-00-00-00-00-00

..__MSBROWSE__.‘ and ‘<1d>‘ in the above output indicates that the laptop named smenkhkare is currently the Master Browser of the Workgroup named GREENGABLES. See the Microsoft TechNet article NetBIOS Over TCP/IP to interpret the output.

Now let’s look at what happens when thutmoseiii, the Windows 10 desktop connected to this home network, is powered up:

user $ smbtree
GREENGABLES
        \\AKHANATEN                     Samba 4.3.11-Ubuntu
                \\AKHANATEN\IPC$                IPC Service (Samba 4.3.11-Ubuntu)
                \\AKHANATEN\guest               guest account
                \\AKHANATEN\matthew             matthew share
                \\AKHANATEN\marilla             marilla share
                \\AKHANATEN\anne                anne share
        \\SMENKHKARE                    Samba 4.2.14
                \\SMENKHKARE\Samsung_CLX-8385ND Samsung CLX-8385ND
                \\SMENKHKARE\Canon_MP510_Printer        Canon MP510 Printer
                \\SMENKHKARE\Virtual_PDF_Printer        Virtual PDF Printer
                \\SMENKHKARE\Canon_MP560_WiFi   Canon MP560 WiFi
                \\SMENKHKARE\IPC$               IPC Service (Samba 4.2.14)
                \\SMENKHKARE\Public
                \\SMENKHKARE\anne-share
                \\SMENKHKARE\print$
                \\SMENKHKARE\netlogon           Network Logon Service
        \\TUTANKHAMUN                   Samba 4.2.11
                \\TUTANKHAMUN\Samsung_Xpress_C460FW     Samsung Xpress C460FW
                \\TUTANKHAMUN\Canon_MP560_Printer       Canon PIXMA MP560
                \\TUTANKHAMUN\Canon_MP510_Printer       Canon PIXMA MP510
                \\TUTANKHAMUN\Virtual_PDF_Printer       Virtual PDF Printer
                \\TUTANKHAMUN\IPC$              IPC Service (Samba 4.2.11)
                \\TUTANKHAMUN\Public
                \\TUTANKHAMUN\anne-share
                \\TUTANKHAMUN\print$
                \\TUTANKHAMUN\netlogon          Network Logon Service
        \\THUTMOSEIII                   Lounge Computer
HOME
        \\BTHUB5                        BT Home Hub 5.0A File Server
                \\BTHUB5\IPC$                   IPC Service (BT Home Hub 5.0A File Server)

user $ nmblookup thutmoseiii
192.168.1.74 thutmoseiii<00>
192.168.56.1 thutmoseiii<00>

user $ nmblookup -A 192.168.1.74
Looking up status of 192.168.1.74
        THUTMOSEIII     <20> -         B <ACTIVE> 
        THUTMOSEIII     <00> -         B <ACTIVE> 
        GREENGABLES     <00> - <GROUP> B <ACTIVE> 
        GREENGABLES     <1e> - <GROUP> B <ACTIVE> 

        MAC Address = AA-BB-CC-DD-EE-FF (anonymised by me)

So Linux computer smenkhkare remained the Master Browser. This is because the Windows 10 computer has its Registry subkey HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters\MaintainServerList set to ‘Auto‘, and also there is no subkey \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters\IsDomainMaster so implicitly its value is False (i.e. the computer is not a Preferred Master Browser). See Microsoft TechNet article Specifying Browser Computers for details.

By the way, notice that two IP addresses are listed for thutmoseiii. This is because thutmoseiii is connected to two network adapters: 192.168.1.74 is the IP address of thutmoseiii in the home network, and 192.168.56.1 is the IP address of the virtual network interface for the virtual computers in VirtualBox installed on thutmoseiii.

If the Samba service on smenkhkare is now stopped from the command line, Windows 10 computer thutmoseiii is elected Master Browser after more than a minute has elapsed:

user $ nmblookup -A 192.168.1.74
Looking up status of 192.168.1.74
        THUTMOSEIII     <20> -         B <ACTIVE> 
        THUTMOSEIII     <00> -         B <ACTIVE> 
        GREENGABLES     <00> - <GROUP> B <ACTIVE> 
        GREENGABLES     <1e> - <GROUP> B <ACTIVE> 
        GREENGABLES     <1d> -         B <ACTIVE> 
        ..__MSBROWSE__. <01> - <GROUP> B <ACTIVE>

        MAC Address = AA-BB-CC-DD-EE-FF (anonymised by me)

If the Samba service on smenkhkare is then restarted from the command line and the Windows 10 computer is allowed to go to sleep, the laptop named smenkhkare becomes the Master Brower again as expected.

NetBIOS Commands in Windows
Now let’s look at some NetBIOS equivalent commands on the Windows 10 computer (Windows computer name: thutmoseiii).

First let’s see which remote computers thutmoseiii detects:

C:\WINDOWS\system32>nbtstat -c

VirtualBox Host-Only Network 2:
Node IpAddress: [192.168.56.1] Scope Id: []

    No names in cache

Ethernet:
Node IpAddress: [192.168.1.74] Scope Id: []

                  NetBIOS Remote Cache Name Table

        Name              Type       Host Address    Life [sec]
    ------------------------------------------------------------
    AKHANATEN      <20>  UNIQUE          192.168.1.70        381
    TUTANKHAMUN    <20>  UNIQUE          192.168.1.79        407
    SMENKHKARE     <20>  UNIQUE          192.168.1.90        416

WiFi:
Node IpAddress: [0.0.0.0] Scope Id: []

    No names in cache

Local Area Connection* 11:
Node IpAddress: [0.0.0.0] Scope Id: []

    No names in cache

Four adapters are listed in the above output: ‘VirtualBox Host-Only Network 2‘, ‘Ethernet‘, ‘WiFi‘ and ‘Local Area Connection* 11‘. Let’s look at why they are listed:

  • The first adapter listed exists because VirtualBox is installed on thutmoseiii and has a virtual network adapter to enable virtual computers to be networked together (see What Is A Oracle VM VirtualBox Host-Only Network Adapter? if you don’t know what is a VirtualBox Host-Only Network Adapter).

  • The second adapter listed is the computer’s Ethernet adapter. thutmoseiii is connected to the home network via this interface, and the above output shows that thutmoseiii has correctly detected the three other computers connected to the home network.

  • The third adapter listed is the computer’s wireless adapter. thutmoseiii also has a Wi-Fi interface, currently disabled in Windows, hence no active wireless connection is listed.

  • The fourth adapter is a ‘Microsoft Wi-Fi Direct Virtual Adapter’ according to the output of the ipconfig/all command. As the Wi-Fi interface is currently disabled in Windows, no active connection is listed here either.

Now let’s see what thutmoseiii reports about itself:

C:\WINDOWS\system32>nbtstat -n

VirtualBox Host-Only Network 2:
Node IpAddress: [192.168.56.1] Scope Id: []

                NetBIOS Local Name Table

       Name               Type         Status
    ---------------------------------------------
    THUTMOSEIII    <20>  UNIQUE      Registered
    THUTMOSEIII    <00>  UNIQUE      Registered
    GREENGABLES    <00>  GROUP       Registered
    GREENGABLES    <1E>  GROUP       Registered
    GREENGABLES    <1D>  UNIQUE      Registered
    ☺☻__MSBROWSE__☻<01>  GROUP       Registered

Ethernet:
Node IpAddress: [192.168.1.74] Scope Id: []

                NetBIOS Local Name Table

       Name               Type         Status
    ---------------------------------------------
    THUTMOSEIII    <20>  UNIQUE      Registered
    THUTMOSEIII    <00>  UNIQUE      Registered
    GREENGABLES    <00>  GROUP       Registered
    GREENGABLES    <1E>  GROUP       Registered

WiFi:
Node IpAddress: [0.0.0.0] Scope Id: []

    No names in cache

Local Area Connection* 11:
Node IpAddress: [0.0.0.0] Scope Id: []

    No names in cache

The above is correct: thutmoseiii is the Master Browser in the Windows Workgroup of VirtualBox Host-Only Network 2, but not a Master Browser in the GREENGABLES Workgroup to which thutmoseiii is connected by Ethernet cable. As the Wi-Fi interface in thutmoseiii is currently disabled, no active wireless connection is listed.

Now let’s take a look at what thutmoseiii reports about akhanaten:

C:\WINDOWS\system32>nbtstat -a akhanaten

VirtualBox Host-Only Network 2:
Node IpAddress: [192.168.56.1] Scope Id: []

    Host not found.

Ethernet:
Node IpAddress: [192.168.1.74] Scope Id: []

           NetBIOS Remote Machine Name Table

       Name               Type         Status
    ---------------------------------------------
    AKHANATEN      <00>  UNIQUE      Registered
    AKHANATEN      <03>  UNIQUE      Registered
    AKHANATEN      <20>  UNIQUE      Registered
    GREENGABLES    <00>  GROUP       Registered
    GREENGABLES    <1E>  GROUP       Registered

    MAC Address = 00-00-00-00-00-00


WiFi:
Node IpAddress: [0.0.0.0] Scope Id: []

    Host not found.

Local Area Connection* 11:
Node IpAddress: [0.0.0.0] Scope Id: []

    Host not found.

The above is also correct, as akhanaten is indeed not a Master Browser.

Now let’s have a look at what thutmoseiii reports about tutankhamun:

C:\WINDOWS\system32>nbtstat -a tutankhamun

VirtualBox Host-Only Network 2:
Node IpAddress: [192.168.56.1] Scope Id: []

    Host not found.

Ethernet:
Node IpAddress: [192.168.1.74] Scope Id: []

           NetBIOS Remote Machine Name Table

       Name               Type         Status
    ---------------------------------------------
    TUTANKHAMUN    <00>  UNIQUE      Registered
    TUTANKHAMUN    <03>  UNIQUE      Registered
    TUTANKHAMUN    <20>  UNIQUE      Registered
    GREENGABLES    <00>  GROUP       Registered
    GREENGABLES    <1E>  GROUP       Registered

    MAC Address = 00-00-00-00-00-00


WiFi:
Node IpAddress: [0.0.0.0] Scope Id: []

    Host not found.

Local Area Connection* 11:
Node IpAddress: [0.0.0.0] Scope Id: []

    Host not found.

The above is also correct, as tutankhamun is indeed not a Master Browser.

Now let’s have a look at what thutmoseiii reports about smenkhkare:

C:\WINDOWS\system32>nbtstat -a smenkhkare

VirtualBox Host-Only Network 2:
Node IpAddress: [192.168.56.1] Scope Id: []

    Host not found.

Ethernet:
Node IpAddress: [192.168.1.74] Scope Id: []

           NetBIOS Remote Machine Name Table

       Name               Type         Status
    ---------------------------------------------
    SMENKHKARE     <00>  UNIQUE      Registered
    SMENKHKARE     <03>  UNIQUE      Registered
    SMENKHKARE     <20>  UNIQUE      Registered
    ☺☻__MSBROWSE__☻<01>  GROUP       Registered
    GREENGABLES    <00>  GROUP       Registered
    GREENGABLES    <1D>  UNIQUE      Registered
    GREENGABLES    <1E>  GROUP       Registered

    MAC Address = 00-00-00-00-00-00


WiFi:
Node IpAddress: [0.0.0.0] Scope Id: []

    Host not found.

Local Area Connection* 11:
Node IpAddress: [0.0.0.0] Scope Id: []

    Host not found.

The above is also correct, as smenkhkare is indeed the Master Browser (notice the ‘☺☻__MSBROWSE__☻‘ and ‘<1D>‘).

Q.E.D.
So there you have it; Browser Elections take place and the Master Browser is any one of the Linux or Windows computers in the home network, thus enabling SMB browsing to take place. No WINS, no LDAP, no AD, no Kerberos. All SMB communication is carried out using NetBIOS over TCP/IP and Broadcast NetBIOS Name Resolution, as shown by the output of the command ‘nbtstat -r‘ on thutmoseiii:

C:\WINDOWS\system32>nbtstat -r

    NetBIOS Names Resolution and Registration Statistics
    ----------------------------------------------------

    Resolved By Broadcast     = 65
    Resolved By Name Server   = 0

    Registered By Broadcast   = 233
    Registered By Name Server = 0

    NetBIOS Names Resolved By Broadcast
---------------------------------------------
           BTHUB5         <00>
           呂啈㕂†††††䱃噅坏㌲匰⁓†
           TUTANKHAMUN    <00>
           AKHANATEN      <00>
           SMENKHKARE     <00>

I assume the line of Chinese and other characters is because of some deficiency in NBTSTAT.EXE, CMD.EXE or Windows 10 generally — despite having entered ‘CHCP 65001‘ and chosen a Unicode TrueType font in CMD.EXE — but the important point is that the statistics listed by the ‘nbtstat -r‘ command clearly show that only broadcasts are used for NetBIOS Name resolution, as promised. NetBIOS name resolution works fine in the home network and all the sharing-enabled computers in the home network can browse SMB shares on other sharing-enabled computers, whether they are running Windows, Linux, macOS, Android or iOS. I reiterate that this is for a typical home network.

Command to find Master Browsers
In Linux you can use the ‘nmblookup‘ command as follows to find out which machine in the home network is currently the Master Browser in each Workgroup:

user $ nmblookup -M -- -
192.168.1.254 __MSBROWSE__
192.168.1.90 __MSBROWSE__
192.168.56.1 __MSBROWSE__

You can see above that there are currently three Master Browsers in this home network. Let’s check the details for these three Master Browsers:

user $ nmblookup -A 192.168.1.254
Looking up status of 192.168.1.254
        BTHUB5          <00> -         B <ACTIVE>
        BTHUB5          <03> -         B <ACTIVE>
        BTHUB5          <20> -         B <ACTIVE>
        ..__MSBROWSE__. <01> - <GROUP> B <ACTIVE>
        HOME            <1d> -         B <ACTIVE>
        HOME            <1e> - <GROUP> B <ACTIVE>
        HOME            <00> - <GROUP> B <ACTIVE>

        MAC Address = 00-00-00-00-00-00

You can see above that the machine BTHUB5 (which is actually the home network’s router) is the Master Browser in the Workgroup named HOME (see earlier).

user $ nmblookup -A 192.168.1.90
Looking up status of 192.168.1.90
        SMENKHKARE      <00> -         B <ACTIVE>
        SMENKHKARE      <03> -         B <ACTIVE>
        SMENKHKARE      <20> -         B <ACTIVE>
        ..__MSBROWSE__. <01> - <GROUP> B <ACTIVE>
        GREENGABLES     <00> - <GROUP> B <ACTIVE>
        GREENGABLES     <1d> -         B <ACTIVE>
        GREENGABLES     <1e> - <GROUP> B <ACTIVE>

        MAC Address = 00-00-00-00-00-00

You can see above that computer SMENKHKARE is currently the Master Browser in the Workgroup named GREENGABLES.

user $ nmblookup -A 192.168.56.1
Looking up status of 192.168.56.1
No reply from 192.168.56.1

You can see above that the network node 192.168.56.1 is inactive, which is not surprising considering that it is a node on a VirtualBox virtual subnet on the Windows 10 computer thutmoseiii (see earlier) and VirtualBox is not running at the moment on that computer.

On a Windows machine it is not quite so easy to find out which machines are currently Master Browsers. However, on the face of it the third-party utility lanscan.exe can do it (see How to Determine the Master Browser in a Windows Workgroup):

C:\WINDOWS\system32>lanscan

LANscanner v1.67 - ScottiesTech.Info

Scanning LAN...

Scanning workgroup: HOME...

Scanning workgroup: GREENGABLES...

BTHUB5            192.168.1.254    11-11-11-11-11-11  HOME         MASTER
THUTMOSEIII       192.168.56.1     22-22-22-22-22-22  GREENGABLES  MASTER
SMENKHKARE        192.168.1.90     aa-bb-cc-dd-ee-ff  GREENGABLES  MASTER
TUTANKHAMUN       192.168.1.79     33-33-33-33-33-33  GREENGABLES
AKHANATEN         192.168.1.70     55-55-55-55-55-55  GREENGABLES

Press any key to exit...

(MAC addresses anonymised by me.)

Notice above that lanscan.exe listed the VirtualBox virtual subnet node 192.168.56.1 in Windows 10 computer thutmoseiii (see earlier) but omitted to list the node 192.168.1.74 (also thutmoseiii) in the real network. Now, in this particular case thutmoseiii on 192.168.1.74 is not a Master Browser. Nevertheless, as lanscan.exe is supposed to list all nodes, its failure to list the node 192.168.1.74 is a shortcoming.

And what happens if thutmoseiii on node 192.168.1.74 becomes a Master Browser? In that case lanscan.exe still omits the node from the list and, in addition, wrongly shows tutankhamun as a Master Browser:

C:\WINDOWS\system32>nbtstat -n

VirtualBox Host-Only Network 2:
Node IpAddress: [192.168.56.1] Scope Id: []

                NetBIOS Local Name Table

       Name               Type         Status
    ---------------------------------------------
    THUTMOSEIII    <20>  UNIQUE      Registered
    THUTMOSEIII    <00>  UNIQUE      Registered
    GREENGABLES    <00>  GROUP       Registered
    GREENGABLES    <1E>  GROUP       Registered
    GREENGABLES    <1D>  UNIQUE      Registered
    ☺☻__MSBROWSE__☻<01>  GROUP       Registered

Ethernet:
Node IpAddress: [192.168.1.74] Scope Id: []

                NetBIOS Local Name Table

       Name               Type         Status
    ---------------------------------------------
    THUTMOSEIII    <20>  UNIQUE      Registered
    THUTMOSEIII    <00>  UNIQUE      Registered
    GREENGABLES    <00>  GROUP       Registered
    GREENGABLES    <1E>  GROUP       Registered
    GREENGABLES    <1D>  UNIQUE      Registered
    ☺☻__MSBROWSE__☻<01>  GROUP       Registered

WiFi:
Node IpAddress: [0.0.0.0] Scope Id: []

    No names in cache

Local Area Connection* 11:
Node IpAddress: [0.0.0.0] Scope Id: []

    No names in cache

C:\WINDOWS\system32>nbtstat -A 192.168.1.79

VirtualBox Host-Only Network 2:
Node IpAddress: [192.168.56.1] Scope Id: []

    Host not found.

Ethernet:
Node IpAddress: [192.168.1.74] Scope Id: []

           NetBIOS Remote Machine Name Table

       Name               Type         Status
    ---------------------------------------------
    TUTANKHAMUN    <00>  UNIQUE      Registered
    TUTANKHAMUN    <03>  UNIQUE      Registered
    TUTANKHAMUN    <20>  UNIQUE      Registered
    GREENGABLES    <00>  GROUP       Registered
    GREENGABLES    <1E>  GROUP       Registered

    MAC Address = 00-00-00-00-00-00


WiFi:
Node IpAddress: [0.0.0.0] Scope Id: []

    Host not found.

Local Area Connection* 11:
Node IpAddress: [0.0.0.0] Scope Id: []

    Host not found.

C:\WINDOWS\system32>lanscan

LANscanner v1.67 - ScottiesTech.Info

Scanning LAN...

Scanning workgroup: HOME...

Scanning workgroup: GREENGABLES...

BTHUB5            192.168.1.254    11-11-11-11-11-11  HOME         MASTER
THUTMOSEIII       192.168.56.1     22-22-22-22-22-22  GREENGABLES  MASTER
TUTANKHAMUN       192.168.1.79     33-33-33-33-33-33  GREENGABLES  MASTER
SMENKHKARE        192.168.1.90     aa-bb-cc-dd-ee-ff  GREENGABLES
AKHANATEN         192.168.1.70     55-55-55-55-55-55  GREENGABLES

Press any key to exit...

(MAC addresses anonymised by me.)

Linux appears to have the edge on Windows in this respect, as the Samba command ‘nmblookup -M -- -‘ detects all the Master Browsers correctly in the above situation:

user $ nmblookup -M -- -
192.168.1.254 __MSBROWSE__
192.168.1.74 __MSBROWSE__
192.168.56.1 __MSBROWSE__

So it appears that, from a Windows computer, the only sure way to find all Master Browsers is to use the command ‘nbtstat -a <computer name>‘ to check each remote machine in the home network, plus the command ‘nbtstat -n‘ to check the Windows computer you are using.

Footnote
The ebuild of the current Gentoo Stable Branch package net-fs/samba-4.2.11 (and probably the ebuild of the Testing Branch package net-fs/samba-4.2.14 as well) is not entirely correct, as it pulls in unnecessary dependencies (see Gentoo Bug Report No. 579088 – net-fs/samba-4.x has many hard dependencies, make some optional). For example, Kerberos is not required at all if you are not using LDAP, AD, etc. and are just using NETBIOS Name Resolution by Broadcast in a Windows Workgroup (like most home users). However, the Gentoo samba ebuild forces the user to install Kerberos (either the MIT implementation app-crypt/mit-krb5 or the Heimdal implementation app-crypt/heimdal) even if you specify that Samba should be built without support for LDAP, AD, etc. This does not cause any harm, but it is unnecessary.

user $ eix -I samba
[I] net-fs/samba
     Available versions:  3.6.25^t 4.2.11 ~4.2.14 [M]~4.3.11 [M]~4.4.5 [M]~4.4.6 [M]~4.5.0 {acl addc addns ads (+)aio avahi caps (+)client cluster cups debug dmapi doc examples fam gnutls iprint ldap ldb +netapi pam quota +readline selinux +server +smbclient smbsharemodes swat syslog +system-mitkrb5 systemd test (+)winbind zeroconf ABI_MIPS="n32 n64 o32" ABI_PPC="32 64" ABI_S390="32 64" ABI_X86="32 64 x32" PYTHON_TARGETS="python2_7"}
     Installed versions:  4.2.11(19:40:03 16/09/16)(avahi client cups fam gnutls pam -acl -addc -addns -ads -aio -cluster -dmapi -iprint -ldap -quota -selinux -syslog -system-mitkrb5 -systemd -test -winbind ABI_MIPS="-n32 -n64 -o32" ABI_PPC="-32 -64" ABI_S390="-32 -64" ABI_X86="64 -32 -x32" PYTHON_TARGETS="python2_7")
     Homepage:            http://www.samba.org/
     Description:         Samba Suite Version 4

If you are a Gentoo Linux user, you can merge the package net-fs/samba with the same USE flags shown above (obviously change “-systemd” to “systemd” if you use systemd instead of OpenRC), and use the laptops’ smb.conf files shown in this post as templates, and you will be able to share files and printers using Samba and NetBIOS name resolution. Don’t forget to use pdbedit to define the Samba users, and don’t forget to stop and disable winbindd if it is already installed.

Further reading

ADDENDUM (October 30, 2016): You probably already use the Public folder in Windows. If not, you can find a brief explanation in the article Simple Questions: What is the Public Folder & How to Use it?. There are a number of default sub-folders in C:\Users\Public\ on a Windows machine. There are some differences depending on the version of Windows, but in Windows 10 (Anniversary Update) these sub-folders are named:

C:\Public\Libraries
C:\Public\Public Account Pictures
C:\Public\Public Desktop
C:\Public\Public Documents
C:\Public\Public Downloads
C:\Public\Public Music
C:\Public\Public Pictures
C:\Public\Public Videos

These predefined sub-folders are not ordinary folders, and I have noticed a surmountable minor limitation when accessing them from a Linux machine using Samba, as explained below.

If I enable Public Folder Sharing on a Windows machine (‘Turn on sharing so that anyone with network access can read and write files in the Public folders’) and configure the security permissions of the Public folder for Everyone, from another Windows machine in the Workgroup I can copy files to the first machine’s Public folder and default sub-folders. From a Linux machine in the Workgroup I can copy files to the Public folder on Windows machines in the Workgroup but I cannot copy files to the default sub-folders (the Dolphin file manager displays the error message ‘Access denied. Could not write to .‘). However, this is not a big deal because I can copy files into the Public folder itself and into manually created sub-folders in the Public folder.

ADDENDUM (February 13, 2018): Windows 10 Version 1709 and later have the SMBv1/CIFS protocol disabled by default, so the Lanscan utility will no longer work in Windows 10 Version 1709. That is not a big deal if you also have Linux machines on your home network; just use the Samba commands from one of those Linux machines instead. If you have devices on your home network that only support SMBv1/CIFS protocol and they cannot be configured to use the SMBv3 protocol, your only option is to configure Windows 10 Version 1709 to use the SMBv1 protocol, which is less secure than the later SMB protocols. See e.g. the article Cannot browse network neighborhood under Windows 10 Fall Creators update 1709 and newer for how to configure Windows 10 Version 1709 to use the SMBv1 protocol. In my case, all my Linux machines using Samba can be configured via the smb.conf file to use a newer version of the SMB protocol (see ‘server min protocol’ and ‘server max protocol’ in the Samba documentation for smb.conf).

KDE Connect on a hotel Wi-Fi network

I am a fan of KDE Connect (see my 2014 post about an earlier version), but had previously been unable to use it with a hotel network. However today I managed to do that, and here is how I did it …

I first connected my laptop and my Samsung Galaxy Note 4 to the hotel’s Wi-Fi network, then used the ifconfig command in Linux on my laptop to find the IP address of my laptop on the hotel’s network. Note that the IP address one sees if one uses a Web site such as WhatIsMyIPAddress will be the laptop’s outward-facing IP address, not the IP address of the laptop on the hotel network. For example, the ifconfig command has just shown me that my current DHCP-allocated IP address is 10.154.245.40 on this hotel’s network for this session whereas the Web site WhatIsMyIPAddress is showing my IP address as 78.100.57.102.

By the way, I can also use the excellent Android utility Fing on my Galaxy Note 4 to find the IP address of my laptop on the hotel’s network. It is quite interesting to use Fing to see what other devices (their hostname and IP address) are currently connected to the hotel’s network.

Anyway, then I launched KDE Connect on the Galaxy Note 4, tapped and ‘Add devices by IP’, and entered the laptop’s IP address (10.154.245.40 in this specific case). I was able to pair with KDE Connect running on my laptop and send files from my phone to the laptop, and vice versa.

Using a Samsung Xpress C460FW with Gentoo Linux and Android KitKat for printing and scanning

INTRODUCTION

A work colleague has just received a Samsung Xpress C460FW MFP (laser printer, scanner, copier and fax machine) for small print jobs. It is possible to connect to it via USB, Direct USB, wired network, wireless network, Wi-Fi Direct and NFC; that’s impressive for a MFP that can be purchased for GBP 270 in the UK.

I wanted to use the C460FW to print and scan from my laptop running Gentoo Linux, and also to print and scan from my Samsung Galaxy Note 4 running Android KiKat. It turned out that I was able to do all of those, and it was not difficult to set up.

A technician from the IT Support department had already entered a static IP address, subnet mask and default gateway IP address via the C460FW’s control panel to connect it to the office’s wired network. So my options to connect to this particular C460FW are: the wired network for Linux; Wi-Fi Direct for Linux and Android; NFC for Android.

I had never used Wi-Fi Direct before, but it turned out to be easy in Gentoo Linux on my laptop, and also easy in Android KitKat on my Samsung Galaxy Note 4. I had never used NFC before either, and that also turned out to be easy on my Samsung Galaxy Note 4.

Samsung has a series of videos on YouTube explaining how to use Wi-Fi Direct and NFC for printing, scanning and faxing with the C460FW from a Samsung smartphone; here are links to a few of them:

Samsung Smart Printing – 01 NFC Connect

Samsung Smart Printing – 02 Wi Fi Direct

Samsung Smart Printing – 03 Wi Fi

Samsung Smart Printing – 04 NFC Print

Samsung Smart Printing – 05 NFC Scan

Samsung Smart Printing – 06 NFC Fax

Samsung Smart Printing – 11 Samsung Mobile Print App(Printer Status)

PRINTING

Linux

Wired connection

I had installed the package net-print/samsung-unified-linux-driver Version 1.02 from a Portage local overlay back in March 2013 when I needed to print to a different model of Samsung MFP, so I thought I would see if that driver would work with the C460FW. I opened the CUPS Printer Manager in a browser window (http://localhost:631/) to configure my Gentoo installation to print to the device via the wired network. ‘Samsung C460 Series‘ was in the list of discovered network printers in the CUPS Printer Manager, and the driver ‘Samsung C460 Series PS‘ was displayed at the top of the list of models, so it was a piece of cake to set up the printer via CUPS, and I was able to print a test page in no time at all. My colleague uses a laptop running Windows 7, and he had to install the Windows driver from a Samsung CD that came with the C460FW.

Wireless connection

As the IT Support technician had configured the C460FW to print via the office wired network rather than the office wireless network, I decided to configure my laptop to print via Wi-Fi Direct, just to learn about Wi-Fi Direct, really. On the C460FW’s control panel I selected Network > Wireless > Wi-Fi Direct and enabled Wi-Fi Direct. Scrolling through the Wi-Fi Direct entries in the LCD I saw the following information:

Device Name: C460 Series
Network Key: <an 8-digit code>
IP address: 192.168.003.001

Two new networks were listed under ‘Available connections’ in plasma-nm (the KDE GUI front-end to NetworkManager) on my laptop: ‘DIRECT-HeC460 Series‘ and ‘DIRECT-SqC460 Series‘, both using WPA2-PSK encryption. I used the control panel of the C460FW to print a network configuration report in order to check which of the two SSIDs I should select, and it is ‘DIRECT-HeC460 Series‘ (I found out later that an adjacent room also has a C460FW and its Wi-Fi Direct SSID is ‘DIRECT-SqC460 Series‘). So I selected ‘DIRECT-HeC460 Series‘ and plasma-nm prompted me to enter a network password. I entered the 8-digit key I had found from the C460FW’s LCD panel (it’s also listed in the printed network configuration report), and NetworkManager connected to the printer.

In exactly the same way as I do when setting up any printer in Linux, I launched Firefox, opened the CUPS Printer Manager page, clicked on ‘Administration’ > ‘Add Printer’ and entered the user name ‘root’ and the password in the pop-up window. Again the ‘Add Printer’ page had ‘Samsung C460 Series‘ in the list of discovered network printers, so I just selected it and clicked on ‘Continue’. As I had already set up the printer in CUPS for the wired network connection and given it the name ‘Samsung_C460FW_office‘, I entered the name ‘Samsung_C460FW_office_WiFi_Direct‘ to distinguish it from the wired network entry, entered a Description and Location, and clicked on ‘Continue’. The next page had ‘Samsung C460 Series PS‘ first in the driver list so I selected that, clicked on ‘Add Printer’ and that was it. I was able to print a test page from the CUPS Printer Manager, and the printer is now included the list of printers in Linux applications’ print dialogues.

When I want to print using Wi-Fi Direct the only thing I need to remember to do first is select ‘DIRECT-HeC460 Series‘ in the network GUI on the KDE Panel, so that the connection is active when I click ‘Print’ in whichever application I want to print from.

Given the ease of printing via the wired network and Wi-Fi Direct, I have no doubts that printing would also work had the C460FW been configured for the office wireless network instead of the wired network.

Duplex printing

The only downside to the Samsung Xpress C460FW is that it only supports manual duplex printing. If you specify duplex printing when printing from Windows, Samsung’s Windows driver prints all the odd-numbered pages in reverse order and displays a message in Windows telling you what to do next (turn over the pile of paper and put it back in the paper tray!), but in Linux it’s not difficult to work out what you have to do: you simply have to print all the odd-numbered sides first, turn over the paper, then print all the even-numbered sides. The print dialogue in Linux applications gives you the option to print only odd-numbered pages or only even-numbered pages, so there is no problem. The print dialogue in some Linux applications allows you to print pages in reverse order as well but, if not, you have to reverse the order yourself before printing the even-numbered pages (i.e. put Page 1 face down at the top of the pile then Page 3 face down under it, and so on). It’s not a big deal unless the document has a large number of pages.

Android

As you would expect with devices from the same manufacturer, setting up my Samsung Galaxy Note 4 to print with the Samsung Xpress C460FW via WPS (Wi-Fi Protected Setup) was easy. When I selected ‘Print’ on the Galaxy Note 4, it gave me the option to print via wireless network or Wi-Fi Direct. I chose the latter and, as I had already enabled Wi-Fi Direct on the C460FW’s control panel, the printer name was displayed in the list of available devices. I selected it, a blue LED began flashing on the C460FW’s control panel and the LCD prompted me to press the WPS button (on the left of the control panel). As soon as I pressed that, the C460FW printed the document sent by my Galaxy Note 4. From then onwards, I just needed to select ‘Print’ on the Galaxy Note 4, select the printer from the list of available devices, and the document is printed. When I want to print using Wi-Fi Direct the only thing I need to remember to do first on the Galaxy Note 4 is select ‘DIRECT-HeC460 Series‘ as the Wi-Fi network.

NFC

I then decided to try to print using NFC. I placed the Galaxy Note 4, without Wi-Fi enabled and with the Home Screen displayed (not the Lock Screen), on the NFC label on top of the C460FW; Android launched Play Store and prompted me to install Samsung Mobile Print, which I did. Now when I place the Galaxy Note 4 on the NFC label, the Galaxy Note 4 automatically enables Wi-Fi, connects to the C460FW directly and displays the Mobile Print app showing the options Print, Scan and Fax, and a page of icons labelled: Gallery, Camera, Google Drive, E-mail, Web page, Document, Facebook, DropBox, Evernote, OneDrive and Box, as well as a Settings icon to configure the printer (paper size etc.). I am able to select a document, photograph, Web page, etc. on the Galaxy Note 4 and print it. It is also possible to launch the Mobile Print app first and then place the Galaxy Note 4 on the C460FW.

NFC is not entirely trouble-free, though. Sometimes the Galaxy Note 4 displays a ‘Device not found‘ message but I can still print. Sometimes the Galaxy Note 4 displays the message ‘Connecting printer. There was some error while connecting to this device. Check your printer and try again. If NFC Pin was changed then please enter new NFC Pin.‘ and the two devices will not connect. Powering off then on the C460FW solves that. Sometimes the Galaxy Note 4 connects to another wireless network instead of to the C460FW via Wi-Fi Direct and the Samsung Galaxy Note 4 then has to disconnect automatically from the other network. Sometimes the C460FW prompts me to press its WPS button and the Galaxy Note 4 then connects via Wi-Fi Direct but the Mobile Print app then displays the error message ‘Device not found. To troubleshoot please check – C460 Series is powered on. – Wi-Fi direct is enabled on C460 Series. – C460 Series and Mobile are connected to the same network.‘. Again, powering off then on the C460FW solves that. Despite these hiccups, printing via NFC is still handy.

SCANNING

Linux

I found out how to get the C460FW scanner working by consulting the third-party Web site The Samsung Unified Linux Driver Repository which someone created to provide .deb packages for the Samsung driver as well as tips on how to get Samsung printers and scanners working in Linux. It turned out to be relatively straightforward to scan, both via the office wired network and via Wi-Fi Direct. I edited the file /etc/sane.d/xerox_mfp.conf and replaced the following:

#Samsung C460 Series
usb 0x04e8 0x3468

with the following in order to use the C460FW to scan via the office wired network:

#Samsung C460 Series
#usb 0x04e8 0x3468
#Wired network static address of this C460FW:
tcp 10.90.21.125

or with the following in order to use the C460FW to scan via Wi-Fi Direct:

#Samsung C460 Series
#usb 0x04e8 0x3468
#Wi-Fi Direct address of this C460FW:
tcp 192.168.3.1

I found the IP addresses from the network configuration report I printed earlier.

I was able to use the two Linux scanning applications I normally use, XSane and gscan2pdf, to scan via the wired network and via Wi-Fi Direct. The resulting scans were very good. Given the ease of scanning via the wired network and Wi-Fi Direct, I have no doubts that scanning would work via a wireless network had the C460FW been configured for the office wireless network instead of the wired network.

Android

To use NFC to scan a document I place the Galaxy Note 4, without Wi-Fi enabled and with the Home Screen displayed (not the Lock Screen), on the NFC label on top of the C460FW. The Galaxy Note 4 enables Wi-Fi, connects automatically to the C460FW directly and launches the Mobile Print app showing the options Print, Scan and Fax. It is also possible to launch the Mobile Print app first and then place the Galaxy Note 4 on the C460FW. In other words, the procedure is exactly the same as when wanting to print via NFC. If I select Scan, the Galaxy Note 4 displays buttons for previewing and scanning. Amongst other things, the app’s Settings menu allows you to select whether you want to save the scanned image as a JPEG, PNG or PDF file. The hiccups mentioned above when printing via NFC also apply to scanning. Nevertheless, scanning from the C460FW to the Samsung Galaxy Note 4 via NFC is still handy.

CONCLUSION

As I am mainly interested in printing text documents I have only tried to print a few colour photographs on plain copier paper, and they look good. Text in documents looks crisp. Despite the lack of automatic duplex printing the C460FW is an excellent peripheral, especially for the price, although I don’t pay for the consumables so I have no idea of the operating costs. The ease with which I got it printing and scanning in Gentoo Linux (laptop) and Android KitKat (Samsung Galaxy Note 4) means that I would definitely consider purchasing this model for home use.

Samsung Galaxy Note 4

I owned a Samsung Galaxy Note II since October 2012 and had been very pleased with it, although recently I had been finding it a little slow when needing a fast response at work, and performance of the camera in low light could have been a bit better. The launch of the Galaxy Note 4 last October piqued my interest, and I finally succumbed to temptation and bought one last week. I have to say I am impressed with Clove Technology: I ordered the smartphone via the Internet at 00:02 on 22 January and it was delivered to my house on 23 January. I ordered the UK model (SM-N910F), and you can find the Samsung user manual for that model on the Samsung Support page.

The smartphone has so many features and options that you really need to study the manual and watch some tutorial videos in order to get the most out of it. If you don’t, you’ll be missing out on several extremely powerful tools. I spent some time trawling YouTube for tutorial videos; below I list the ones I found the most useful, in no particular order. Several of them cover mostly the same ground, but usually there is a tip in one that is not in another so it pays to watch them all eventually. In any case, repetition helps reinforce the learning process.

sakitech

50+ Tips and Tricks for Samsung Galaxy Note 4

Explore Gadgets

Galaxy Note 4 – Tips,Tricks & Hidden Features

Galaxy Note 4 – Hidden Features (You Might Not Know About)

Top 10 Best Apps for Galaxy Note 4

LuneTech

Samsung Galaxy Note 4 Tips and Tricks, and Other Hidden Features

Gizmo Journal

Galaxy Note 4 Hidden Gestures, Tips & Tricks You Don’t Know About #1

Samsung Galaxy Note 4 Hidden Software Features, Tips & Tricks #2

Pocketnow

S Pen Lesson: Galaxy Note 4 Edition

PhoneArena

Samsung Galaxy Note 4 – 30 Tips and Tricks

Mike Beauchamp

24 Tips and Tricks You Need for the Galaxy Note 4

AskTheAndroidGuy

How to Disable Flipboard Briefing on the Galaxy Note 4

10 Best Features of the Galaxy Note 4

How to Setup the Camera on the Galaxy Note 4

10 Hidden Features of the Galaxy Note 4 You Don’t Know About

Galaxy Note 4 Lockscreen

How to Speed Up the Galaxy Note 4

Gadgets Portal

Samsung Galaxy Note 4 – 50+ Tips & Tricks, Hidden Features & Gestures you ‘Must Know’

Samsung GALAXY NOTE 4 Hidden TIPS & TRICKS, Advanced Tutorial #1

Galaxy NOTE 4 Advanced TIPS & TRICKS, HACKS- Part 2

Galaxy NOTE 4 Hidden TIPS & TRICKS, Hacks for Advanced Users #3

Babbling Boolean

50+ Tips and Tricks for the Samsung Galaxy Note 4

Oawalker

Samsung Galaxy Note 4 – SECRET CODES

C4ETech

Galaxy Note 4 Software – Tips & Tricks, Hidden Features & Everything Else – Part 1/2

Galaxy Note 4 Software – Tips & Tricks, Hidden Features & Everything Else – Part 2/2

SAMSUNGMOBILEUK

How to use the advance S Pen feature on Samsung Galaxy Note 4

How to use Camera Selfie mode of Samsung Galaxy Note 4

How to use Photo Note feature on Samsung Galaxy Note 4

How to use Smart Select feature on Samsung Galaxy Note 4

How to use Multi window and Popup window on Samsung Galaxy Note 4

How to use S Health on Samsung Galaxy Note 4

Android Authority

Samsung Galaxy Note 4: S Pen

Intellect Digest

20 Best Tips, Tricks & Hidden Features Of Samsung Galaxy Note 4- Must Watch For Note 4 Users

Brian Edition

Samsung Galaxy Note 4 Tips & Tricks PART 1

GALAXY NOTE 4 Tips & Tricks v2.0

KDE Connect – Link your Android device to your KDE desktop

KDE Connect app icon on my Samsung Galaxy Note II

KDE Connect app icon on my Samsung Galaxy Note II

KDE Connect is a nice tool that links your Android phone or tablet seamlessly via WiFi to KDE on your PC (the latter can be connected via WiFi or cable to the network). It allows your KDE desktop to receive notifications, files and media player commands from your Android device. The available KDE Connect plug-ins are:

Battery report
Periodically report battery status

Clipboard sync
Share the clipboard content

Multimedia remote controls
Control audio/video from your phone
(pause; first track; previous track; next track; last track; change volume)

Notification sync
Access your notification from other devices

Ping
Send and receive pings

Telephony notifier
Send notifications from SMS and calls

You will need to install the Android KDE Connect application on your Android device, and the Linux KDE Connect application on your PC.

Install the KDE Connect app on your Android device from the Google Play Store. You will then see the KDE Connect icon on the apps screen of your Android device.

For Gentoo users an ebuild for KDE Connect is available in the Gentoo KDE team’s testing overlay, so here are the instructions on how to install KDE Connect on your PC from there.

Firstly, mask the KDE overlay so that none of the packages in it interferes with the KDE software you installed from the main Portage tree:

# echo "*/*::kde" >> /etc/portage/package.mask

Then unmask the KDE Connect package in the KDE overlay:

# echo "kde-misc/kdeconnect" >> /etc/portage/package.unmask

N.B. If /etc/portage/package.mask is a directory rather than a file (either is possible) in your installation, and if /etc/portage/package.unmask is a directory rather than a file (either is possible) in your installation, use the following commands instead of the above two commands:

# echo "*/*::kde" > /etc/portage/package.mask/kde_overlay
# echo "kde-misc/kdeconnect" > /etc/portage/package.unmask/kdeconnect

Now add the KDE overlay and merge the package:

# layman -a kde
# emerge kdeconnect

If a firewall is running on your PC, you will need to configure it to allow tcp and udp traffic via a specific range of ports (1714 to 1764). I have UFW running on my main laptop, so in my case I used the following commands:

# ufw allow proto tcp to any port 1714:1764
# ufw allow proto udp to any port 1714:1764

The rules should look like this:

# ufw status verbose | grep 1714
1714:1764/tcp ALLOW IN Anywhere
1714:1764/udp ALLOW IN Anywhere
1714:1764/tcp ALLOW IN Anywhere (v6)
1714:1764/udp ALLOW IN Anywhere (v6)

If you have the KConfig Module kcm_ufw installed on your PC then you can instead use System Settings > Firewall to add the UFW rules via the KDE GUI.

By the way, to check which KConfig modules are installed on your PC you can use the following command under your user account:

$ kcmshell4 --list

Using KDE Connect is not difficult, so I will leave you to play with it. Obviously make sure WiFi is enabled on your Android device, and that it and your PC are connected to the same network. Tap on the KDE Connect icon on your Android device to launch the app, and you should see your PC’s name listed under CONNECTED DEVICES. Tap on the PC name and you should see the following screen:

KDE Connect screen

KDE Connect screen

If you tap on ‘Send ping’, the KDE Notification widget on the KDE System Tray should pop up a notification.

You can see what KDE Connect plug-ins are available, and select/deselect them:

KDE Connect plugins

KDE Connect plugins

KDE Connect also enables you to use your Android device as a remote control for media players running on your PC. When you launch a media player in KDE its name will appear in a list of selectable players in KDE Connect, and the name of the track currently playing will also be displayed:

KDE Connect - Remote control

KDE Connect - Remote control

When you select a file on your Android device and tap the Share icon, KDE Connect will be one of the options displayed on the ‘Share via’ menu. This is a handy way to send files from your Android device to your PC. The KDE Notification widget on your PC will notify you when the file has been transferred to ~/Desktop/ on your PC:

KDE on your PC notifies you when a file has been sent via KDE Connect

KDE on your PC notifies you a file has been sent via KDE Connect

You should also get notifications on your KDE desktop when someone phones or sends you an SMS.

Kudos and many thanks to the people responsible for KDE Connect. KDE is already a superb desktop environment, and with the addition of KDE Connect it is better still.