Iñaki Arenaza iarenaza@identi.ca
Vitoria-Gasteiz, Spain
FLOSS advocate, digital liberties advocate, free culture and knowledge advocate, EFF and FSF member, IT and Education passionate.
2017-12-06T10:23:13Z via Dianara To: Public CC: Followers
Just received my #fsfbulletin
AJ Jordan likes this.
User shared by Iñaki Arenaza at 2016-09-09T07:42:12Z via AndStatus To: Public
Renewable energy now supplies almost a quarter of the world's power needs
http://http//www.sciencealert.com/renewable-energy-now-supplies-almost-a-quarter-of-the-world-s-power-needs-- likes this.
Iñaki Arenaza shared this.
\o/
And it could be much more if we got rid of certain mafias... *sigh*
Petición al gobierno vasco para que adopte software libre en las instituciones
victorhck shared by Iñaki Arenaza at 2016-09-08T17:44:50Z via AndStatus To: Public
Únete a la petición para que el gobierno vasco adopte y fomente medidas de software libre en las instituciones y en su relación con las ciudadanas y los ciudadanos.
eomer, PuppetMast3r, Malvin likes this.
Colegota, PuppetMast3r, PuppetMast3r, Iñaki Arenaza and 1 others shared this.
Go go go!
Christopher Allan Webber shared by Iñaki Arenaza at 2016-09-01T22:00:43Z via AndStatus To: Public
Thinking about adding a localhost-only HTTP API or line-based protocol to your project? Probably not a good idea, because you can use DNS rebinding to get at/mutate that data, or whatever execution stuff is possible, through the developer's own browser.
James Dearing 🐲 likes this.
Iñaki Arenaza, Iñaki Arenaza shared this.
Show all 6 replies
(I'll bet that TAILS uses Diane's unbound suggestion to solve this, right? But unless the tor browser bundle includes its own dns resolver, I think it probably doesn't.)
It feels to me like using named pipes in the cases where you might use an unauthenticated port over localhost would be pretty frequently much, much better.
https://tails.boum.org/contribute/design/Tor_enforcement/DNS/
Looks like they run a local resolver, and they do block some of the private IPs. Its unclear if it blocks 127.0.0.0/8 though.
I soooooooo agree! And the current “do everything in the browser” thing need to go out the window too.
Christopher Allan Webber shared by Iñaki Arenaza at 2016-09-01T22:00:38Z via AndStatus To: Public
Thinking about adding a localhost-only HTTP API or line-based protocol to your project? Probably not a good idea, because you can use DNS rebinding to get at/mutate that data, or whatever execution stuff is possible, through the developer's own browser.
James Dearing 🐲 likes this.
Iñaki Arenaza, Iñaki Arenaza shared this.
Show all 6 replies(I'll bet that TAILS uses Diane's unbound suggestion to solve this, right? But unless the tor browser bundle includes its own dns resolver, I think it probably doesn't.)
It feels to me like using named pipes in the cases where you might use an unauthenticated port over localhost would be pretty frequently much, much better.
https://tails.boum.org/contribute/design/Tor_enforcement/DNS/
Looks like they run a local resolver, and they do block some of the private IPs. Its unclear if it blocks 127.0.0.0/8 though.I soooooooo agree! And the current “do everything in the browser” thing need to go out the window too.
Pump.io 1.0.0 is now available!
Pump.io Community shared by Iñaki Arenaza at 2016-08-27T16:40:19Z via AndStatus To: Public
Greetings, pumpers!
Pump.io 1.0.0 is now available! You can get it from npm or GitHub.
Note that this release does contain security improvements. Admins are strongly encouraged to upgrade.
Curious to find out more? Check out the release announcement!ostfriesenmärz, archaeme, Marcos, Sotitrox and 31 others likes this.
ostfriesenmärz, archaeme, Marcos, Jose Carlos Jimenez and 18 others shared this.
Show all 6 replies
>> JanKusanagi:
"Why would it not be? =)”
I was watching Alex's talk about the Pump.io network the other day, and he mentioned that Identi.ca is a super special snowflake because it's been modified to read from the old Status.net data store as well as the new Pump.io one, so I figured it might not be a supported configuration.
It's already Pump.io just like the other nodes, there's no reason not to upgrade it.
It has extra data from the StatusNet import, but that was converted loooong ago.
JanKusanagi @identi.ca at 2016-08-28T01:57:51Z
AJ Jordan, Claes Wallin (韋嘉誠), Screwtape likes this.
@Screwtape unfortunately my answer to that particular question was misinformed. Jan is correct - identi.ca is a special snowflake, but that's just because of the sheer size of the database, not because of any custom code. (Maybe I should add a note to the video...)
In any case, identi.ca will, in fact, probably get 1.0.0 at some point :)
AJ Jordan at 2016-08-29T00:14:34Z
Claes Wallin (韋嘉誠), Screwtape likes this.
A trabajar!
Pump.io 1.0.0 is now available!
Pump.io Community shared by Iñaki Arenaza at 2016-08-27T16:40:16Z via AndStatus To: Public
Greetings, pumpers!
Pump.io 1.0.0 is now available! You can get it from npm or GitHub.
Note that this release does contain security improvements. Admins are strongly encouraged to upgrade.
Curious to find out more? Check out the release announcement!ostfriesenmärz, archaeme, Marcos, Sotitrox and 31 others likes this.
ostfriesenmärz, archaeme, Marcos, Jose Carlos Jimenez and 18 others shared this.
Show all 6 replies>> JanKusanagi:
"Why would it not be? =)”
I was watching Alex's talk about the Pump.io network the other day, and he mentioned that Identi.ca is a super special snowflake because it's been modified to read from the old Status.net data store as well as the new Pump.io one, so I figured it might not be a supported configuration.
It's already Pump.io just like the other nodes, there's no reason not to upgrade it.
It has extra data from the StatusNet import, but that was converted loooong ago.
JanKusanagi @identi.ca at 2016-08-28T01:57:51Z
AJ Jordan, Claes Wallin (韋嘉誠), Screwtape likes this.
@Screwtape unfortunately my answer to that particular question was misinformed. Jan is correct - identi.ca is a special snowflake, but that's just because of the sheer size of the database, not because of any custom code. (Maybe I should add a note to the video...)
In any case, identi.ca will, in fact, probably get 1.0.0 at some point :)
AJ Jordan at 2016-08-29T00:14:34Z
Claes Wallin (韋嘉誠), Screwtape likes this.
A trabajar!
"Maintaining Permissive-Licensed Files in a GPL-Licensed Project: Guidelines for Developers"
Christopher Allan Webber shared by Iñaki Arenaza at 2016-08-27T13:58:46Z via AndStatus To: Public
This is an old article, but occasionally I bump into free software projects that do the wrong thing here. Many lax licenses require that you preserve the notice, so if you're incporating that code into a stronger copyleft codebase, it's good to know what you should do.
Claes Wallin (韋嘉誠), Timo Kankare, AJ Jordan, Jason Self likes this.
Iñaki Arenaza, Olivier Mehani, Olivier Mehani, Olivier Mehani and 3 others shared this.
Building Problem Solvers released as a gratis PDF
Christopher Allan Webber shared by Iñaki Arenaza at 2016-08-27T13:56:11Z via AndStatus To: Public
Building Problem Solvers, a great book on a number of AI concepts including Truth Maintenance Systems and etc (I understand it's the best book on that particular subject) is released as a gratis PDF. You can get it here!
mnd, Andrew E, James Dearing 🐲, sirgazil and 1 others likes this.
Iñaki Arenaza shared this.
Diane Trout shared by Iñaki Arenaza at 2016-08-25T21:43:50Z via AndStatus To: Public
Well whatsapp users are about to experience being monetized. https://www.theguardian.com/technology/2016/aug/25/whatsapp-to-give-users-phone-number-facebook-for-targeted-adsbthall, Kraka, Christopher Allan Webber likes this.
Iñaki Arenaza shared this.
New stuff in Pump.io
Pump.io Community shared by Iñaki Arenaza at 2016-08-20T21:45:08Z via AndStatus To: Public
As just mentioned in a shared post, pump.io is getting a t-shirt (which you can give feedback on) and some major software upgrades (which you can help test)! More details in Pump.io: call for testers, call for feedback.
However, that's not all that's going on! If you want to read about our Conservancy application, new documentation, a conference talk, code work, and more, you can find all the details in New stuff in pump.io.
Thanks for keeping up with the pump.io project!
Michele Montagna, eomer, der.hans, Fabián Gómez and 7 others likes this.
Michele Montagna, der.hans, Doug Whitfield Sports Account, Face and 7 others shared this.
here is my take on the shirt: http://imgur.com/a/JPhqG
mray INACTIVE at 2016-08-20T10:38:42Z
Bd Sn likes this.
Free Software Foundation shared by Iñaki Arenaza at 2016-08-11T20:15:30Z via AndStatus To: Public
#SecureBoot leak reveals a backdoor in a wall that shouldn't exist in the first place. If the user can't disable SB, it's *Restricted* Boot.lnxwalt@microca.st, RiveraValdez likes this.
Stephen Michael Kellat, Iñaki Arenaza, Iñaki Arenaza shared this.
Free Software Foundation shared by Iñaki Arenaza at 2016-08-11T20:15:22Z via AndStatus To: Public
#SecureBoot leak reveals a backdoor in a wall that shouldn't exist in the first place. If the user can't disable SB, it's *Restricted* Boot.lnxwalt@microca.st, RiveraValdez likes this.
Stephen Michael Kellat, Iñaki Arenaza, Iñaki Arenaza shared this.
shared by Iñaki Arenaza at 2016-08-10T21:06:08Z via AndStatus To: Public
Alberto Moshpirit, Iván Ruvalcaba, RiveraValdez, Víctor Salmerón and 11 others likes this.
Iván Ruvalcaba, Luis A. Guzman, Michael, RiveraValdez and 31 others shared this.
The folks promoting DRM aren't playing games. Over the years I've read too many news articles where individuals have been arrested and sent to jail for DRM related offenses.Defective by Design shared by Iñaki Arenaza at 2016-08-09T06:41:00Z via AndStatus To: Public
25 years ago Saturday, Tim Berners-Lee published the first Web page. Now he's considering some reverse innovation: #DRM in Web standards. https://u.fsf.org/1u-James Dearing 🐲 likes this.
Scorpio20, Scorpio20, kesara, kesara and 5 others shared this.
I doubt Tim Berners-Lee is too bothered what you and I think when it comes to DRM. Besides if he goes upsetting his peers who are proponents of DRM then he may lose credibility, quite a few friends, and funding or opportunities for future projects.
I don't want DRM and neither should Tim Beners-Lee, if he can't deal with it maybe we should be looking for new W3C leadership.jrobertson at 2016-08-08T18:36:49Z
Jason Self likes this.
Hear, hear. New leadership if they can't stand up to Big Media.Jason Self at 2016-08-08T19:20:02Z
lnxwalt@microca.st likes this.
ContractPatch, step 1: Everything Is Negotiable.
Software Freedom Conservancy shared by Iñaki Arenaza at 2016-08-06T22:30:00Z via AndStatus To: Public
URL: https://sfconservancy.org/blog/2016/aug/04/everything-is-negotiable/
August 4, 2016 by Fred Jennings
ContractPatch, step 1: Everything Is Negotiable.
About a year ago, I got talking with some friends in the tech industry about contracts. And it began to sound like something was very, very wrong.
Working informally through personal networks of engineers, project managers, freelance designers, and many more, I ended up with a small horde of employment contracts, offer letters, work agreements, and all manner of other documents that fall under that umbrella term, “contracts.”
And almost all of the contracts were bad.
Not badly written, though some were. Not legally unenforceable, though some were.
They were bad for the people who signed them.
They waived important legal rights, gave the employer ownership of ideas and projects it had no reason to take, or imposed serious limits on future work.
And people often didn’t realize how bad these were, the risks they’d agreed to, or what rights they’d given up.
Among the few who did, most didn’t realize they could negotiate these terms. Others did, but weren’t sure how to start. Several assumed their employer wouldn’t enforce the more onerous terms.
Nobody should bet their future on that assumption. Doing so is to build one’s career on a house of cards.
But that won’t change until enough people speak up and push back, and have the tools to do so.
That’s where this project began for me.
About a month ago, I sat down over lunch with friends from Software Freedom Conservancy, and learned they’d embarked on a similar project at around the same time. In fact, Karen Sandler recently spoke on the subject as OSCON 2016.
We’re calling it ContractPatch. The idea is to provide strategy and legal knowledge to workers, along with some sample language for better contract terms.
But let’s start with the first step:
Everything is negotiable. Keep repeating that until it sticks.
Merely knowing that is an edge. Companies know it, but often don’t want their employees or potential hires to realize it. Some employers even structure their hiring, renewal, and termination processes to discourage negotiation. This can halt inexperienced negotiators, especially those from historically underrepresented groups who face widespread employer prejudice that can undermine their perceived ability to negotiate. Everyone will enter a negotiation with different leverage, different goals, and unique needs and strengths.
There are no magic words, but anyone can learn the techniques and strategies to approach contract negotiations. Like any other skill, it may not be easy at first. Also like any other skill, it can be broken down into steps, practiced, and will become easier over time.
And we’re here to teach.
In the coming months, we’ll write about legal and strategic points in contract negotiation strategies, pre-negotiation prep and practice, methods for negotiating, and we’ll provide information on your legal rights around contracts.
Down the road, we’ll look at specific contract provisions — especially those that impact tech workers the most, such as non-compete agreements and intellectual property assignment clauses. This will go hand-in-hand with a Github repository with forkable sample language for key contract provisions, such as payment terms, benefits, non-competition and non-solicitation agreements, and intellectual property assignment clauses.
But let’s walk before we run. The first step is knowing you can negotiate. Next, we’ll discuss the balance of power in hiring agreement negotiations, and how to self-evaluate your position before a negotiation begins. After that, we’ll cover timing and strategies around contract renewals, raises, and other opportune moments to renegotiate.
Whether it’s an employment offer, a mid-project contract renewal, or a termination agreement, its terms can be pushed on. Often, they can be changed. And getting there gracefully is an art, more dance than declaration.
And we want you to know as much as you can before your next dance starts.
Posted by Fred Jennings on August 4, 2016. Please email any comments on this entry to info@sfconservancy.org.
uıɐɾ ʞ ʇɐɯɐs, Tyng-Ruey Chuang, Sam Black, Christopher Allan Webber and 7 others likes this.
Iñaki Arenaza, Iñaki Arenaza, Sam Black, Christopher Allan Webber and 6 others shared this.
Show all 5 replies
@brashley46 ... and Monster, CareerBuilder, Dice, Indeed, and every other job-search site (including the California Employment Development Department's CalJobs site).lnxwalt@microca.st at 2016-08-05T21:55:44Z
Stephen Michael Kellat likes this.
Contract with Swedish employer/client: "[You work here. This is the salary/fee.]".
Contract with US client: "Here's our 40-page standard contract."Claes Wallin (韋嘉誠) at 2016-08-07T08:08:33Z
Douglas Perkins likes this.
My Swedish job contract is literally a 1-sheet form with fields for address, name, etc, and a 3-row box "special terms" for things like above-standard pension, above-standard vacation, subsidized lunch coupons, commission and the like.Claes Wallin (韋嘉誠) at 2016-08-07T08:11:14Z
Douglas Perkins likes this.
My first client contract ever, with my former employer: "Oh right, we should get around to writing a contract at some point".
We didn't. :-)ContractPatch, step 1: Everything Is Negotiable.
Software Freedom Conservancy shared by Iñaki Arenaza at 2016-08-06T22:29:59Z via AndStatus To: Public
URL: https://sfconservancy.org/blog/2016/aug/04/everything-is-negotiable/
August 4, 2016 by Fred Jennings
ContractPatch, step 1: Everything Is Negotiable.
About a year ago, I got talking with some friends in the tech industry about contracts. And it began to sound like something was very, very wrong.
Working informally through personal networks of engineers, project managers, freelance designers, and many more, I ended up with a small horde of employment contracts, offer letters, work agreements, and all manner of other documents that fall under that umbrella term, “contracts.”
And almost all of the contracts were bad.
Not badly written, though some were. Not legally unenforceable, though some were.
They were bad for the people who signed them.
They waived important legal rights, gave the employer ownership of ideas and projects it had no reason to take, or imposed serious limits on future work.
And people often didn’t realize how bad these were, the risks they’d agreed to, or what rights they’d given up.
Among the few who did, most didn’t realize they could negotiate these terms. Others did, but weren’t sure how to start. Several assumed their employer wouldn’t enforce the more onerous terms.
Nobody should bet their future on that assumption. Doing so is to build one’s career on a house of cards.
But that won’t change until enough people speak up and push back, and have the tools to do so.
That’s where this project began for me.
About a month ago, I sat down over lunch with friends from Software Freedom Conservancy, and learned they’d embarked on a similar project at around the same time. In fact, Karen Sandler recently spoke on the subject as OSCON 2016.
We’re calling it ContractPatch. The idea is to provide strategy and legal knowledge to workers, along with some sample language for better contract terms.
But let’s start with the first step:
Everything is negotiable. Keep repeating that until it sticks.
Merely knowing that is an edge. Companies know it, but often don’t want their employees or potential hires to realize it. Some employers even structure their hiring, renewal, and termination processes to discourage negotiation. This can halt inexperienced negotiators, especially those from historically underrepresented groups who face widespread employer prejudice that can undermine their perceived ability to negotiate. Everyone will enter a negotiation with different leverage, different goals, and unique needs and strengths.
There are no magic words, but anyone can learn the techniques and strategies to approach contract negotiations. Like any other skill, it may not be easy at first. Also like any other skill, it can be broken down into steps, practiced, and will become easier over time.
And we’re here to teach.
In the coming months, we’ll write about legal and strategic points in contract negotiation strategies, pre-negotiation prep and practice, methods for negotiating, and we’ll provide information on your legal rights around contracts.
Down the road, we’ll look at specific contract provisions — especially those that impact tech workers the most, such as non-compete agreements and intellectual property assignment clauses. This will go hand-in-hand with a Github repository with forkable sample language for key contract provisions, such as payment terms, benefits, non-competition and non-solicitation agreements, and intellectual property assignment clauses.
But let’s walk before we run. The first step is knowing you can negotiate. Next, we’ll discuss the balance of power in hiring agreement negotiations, and how to self-evaluate your position before a negotiation begins. After that, we’ll cover timing and strategies around contract renewals, raises, and other opportune moments to renegotiate.
Whether it’s an employment offer, a mid-project contract renewal, or a termination agreement, its terms can be pushed on. Often, they can be changed. And getting there gracefully is an art, more dance than declaration.
And we want you to know as much as you can before your next dance starts.
Posted by Fred Jennings on August 4, 2016. Please email any comments on this entry to info@sfconservancy.org.
uıɐɾ ʞ ʇɐɯɐs, Tyng-Ruey Chuang, Sam Black, Christopher Allan Webber and 7 others likes this.
Iñaki Arenaza, Iñaki Arenaza, Sam Black, Christopher Allan Webber and 6 others shared this.
Show all 5 replies@brashley46 ... and Monster, CareerBuilder, Dice, Indeed, and every other job-search site (including the California Employment Development Department's CalJobs site).lnxwalt@microca.st at 2016-08-05T21:55:44Z
Stephen Michael Kellat likes this.
Contract with Swedish employer/client: "[You work here. This is the salary/fee.]".
Contract with US client: "Here's our 40-page standard contract."Claes Wallin (韋嘉誠) at 2016-08-07T08:08:33Z
Douglas Perkins likes this.
My Swedish job contract is literally a 1-sheet form with fields for address, name, etc, and a 3-row box "special terms" for things like above-standard pension, above-standard vacation, subsidized lunch coupons, commission and the like.Claes Wallin (韋嘉誠) at 2016-08-07T08:11:14Z
Douglas Perkins likes this.
My first client contract ever, with my former employer: "Oh right, we should get around to writing a contract at some point".
We didn't. :-)Chaoskey 1.0 released (USB hardware random number generator)
Debian Project shared by Iñaki Arenaza at 2016-08-05T14:44:33Z via AndStatus To: Public
The ChaosKey hardware random number generator described in talks at Debconf 14 and Debconf 16 has been released. Details about its free hardware and free software in http://chaoskey.org /via @Bdale Garbee and Keith Packard in Planet Debian
der.hans, Nathan Willis likes this.
Iñaki Arenaza, der.hans, der.hans shared this.
