David Nelson dnel@identi.ca

via reddit

#Perseid #meteor #photo

Will LetsEncrypt work? Who's to say. I hope so. There are several problems with SSL right now, perhaps the biggest of which is that we're supposed to pay for certificates. A system that makes you pay extra to be secure is one which advocates, explicitly, insecurity.

Oh, I can use CACert, and I do and I like it, but then servers might not talk to my server and Google might downrank me. Plus, my relatives who aren't computer-savvy get confused and tell me my site is broken. That's not so bad ... education is important, so I explain to them no, it's actually safe and here's why. Or I can use StartSSL, but then I can't revoke certificates without paying, and anyway StartSSL's web interface is annoying to operate.

Can anyone explain to me why federation on pump.io shouldn't work on CACert certificates? Other than, "the library is set up that way". If you want to blame the library, I'm OK with that, but then let's see about changing libraries.

As an aside, older versions of IE crash on self-signed certificates. That was annoying as hell, when my old work machine would crash on loading my personal website.

The CA system has many problems that many of people have articulated in elegant ways, but the biggest, the far biggest problem from my point of view, is that it tells us we have to pay real money if we want to secure our systems. That is just plainly bad.

Still quite early in this project but, KDE connect is looking quite nice so far.

I've installed the desktop part out of the AUR and out of F-Droid for my phone and tablet.

With this set up, I can see notifications from my devices on my desktop, check battery levels, easily transfer files from the devices to my desktop, etc...

More functionality is planned but, so far I'm loving it. ;)

#KDE #Android #awesome

Just got a static IP. :-)

In light of recent #NSA news about back doors, let me make some armchair general observations.

As for the NSA asking companies for back doors.

• Probably any major email provider or ISP has been contacted by the NSA and asked for a back door. Possibly other organizations than just the NSA.
• Some companies no doubt agreed, especially those who made money by agreeing, like probably some major phone companies.
• Some companies probably didn't agree except their lawyers said they had to.
• Probably major Linux organizations have had similar requests made.
• If your ISP or email provider has not commented on NSA spying, particularly after you've asked them specifically about it, it probably means they've been complicit in some way. Every company that hasn't been complicit gets an automatic boost in their reputation with all the privacy nuts. (And by privacy nuts I mean to include the majority of Americans, since the majority of Americans value privacy.)

As for #NSA responses and future steps.

• The NSA has learned that they can lie and nothing bad happens.
• Therefore making new rules is pointless, because the NSA will ignore them and lie about it.
• Making new rules could become pointful if the NSA were largely gutted or restructured. But the NSA is very powerful, so this is hard to do.
• Regarding lying about spying, ditto for politicians.

As for spying and abuse of the system.

• Snowden had access and threw away his life as he knew it to reveal secrets.
• Others had as much access.
• Even the NSA doesn't know who has access. That's how many people have access.
• Surely somebody has gotten some information from the NSA's giant data gathering machine and used it to either (a) make money or (b) blackmail people in order to (a) make money or (c) gain power in some fashion. There are (or at least were) too many people with too much access and there's too much money to be made to imagine otherwise.
• If you think the previous point is silly, ask yourself this: Do the greedy shady people outnumber the whistleblowing population?

As for future steps.

• The goal for me, and for most of us, was never to stop all spying or all observation. That's impossible and kind of pointless.
• The goal is to make the excessive and bad spying expensive, either in cash or in resources, and therefore not feasible. As such, using crypto of any kind is a good start, and using better crypto is a good follow-up.
• Decentralization is also very good.

I have finally ordered myself a moka pot... :)

#coffee

CAKE!

Facebook makes us sad http://www.wnyc.org/npr_articles/2013/aug/20/facebook-makes-us-sadder-and-less-satisfied-study-finds/

Now if someone could come up with a study showing using pump.io makes us happy ?!

Just found out that my brother and his girlfriend are expecting. Guess there will be another Pope in the world in early '14. ;)

Want to support FOSS and mobile phones? Here you go. Firefox phone now available in the UK: http://www.ebay.co.uk/itm/ZTE-Open-3G-Unlocked-Firefox-OS-Cellphone-Orange-Ebay-exclusive-/171104024854?pt=UKMobilePhones&hash=item27d6983916 …

And clearly still bitter about the whole event. ;-)

25 years on, I'm still here on my first visit.

Remember how NSA cheerleaders used to tell you, "Don't use encryption, because it catches the NSA's eye, and then they'll look at you more carefully."

What do we make of that advice now that we know the NSA is looking at everyone carefully? Best I can tell, it means we all gotta use encryption just to make their haystack a haystack full of noise. Then they can have a lot of fun with it all and we won't worry quite as much. :-)

One of my favorite moments from BarCamp Blackpool.

Freaky Clown "Yes, I'm not very good with names unless they're weird.

Me "Hi there I suspect you have no idea who I am?"

Freaky Clown "I'm afraid not.

Me "My nick is dick_turpin"

Freaky Clown "Oh God yeah, I know you!"

Bwahahaha

Started using OpenNIC DNS and signed up for a MyKolab email account...